Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

7bd39cb49e...8.html

windows7-x64

1

7bd39cb49e...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    28/05/2024, 05:15 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7bd39cb49e663c4a369661f14d9ea69f_JaffaCakes118.html

  • Size

    67KB

  • MD5

    7bd39cb49e663c4a369661f14d9ea69f

  • SHA1

    a027baedfa3c5759c68f4fb488cd96e2dd4197ce

  • SHA256

    2725788b2a7914be10f19069efd1a61252151a122bc71ba9d1ab60dfd17dccd0

  • SHA512

    77b33d14e66762e117a2817529c1a808914c7214eb014ab57eb6b5640e7125fa14ad8d6bd3a9dfce7e1a75cc5ecb855ea7ca9d66eac1982c695534bfe9980f92

  • SSDEEP

    768:JiSgcMsSZ8tN99OIsEkjT2poTyfQCZkoTnMdtbBnfBgN8/oygcR/QFVG8c//Ijkp:JQWsTePec0tbrga6cuNnzIjv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7bd39cb49e663c4a369661f14d9ea69f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1680 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

  • flag-us
    DNS
    img.sedoparking.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img.sedoparking.com
    IN A
    Response
    img.sedoparking.com
    IN CNAME
    sedo.cachefly.net
    sedo.cachefly.net
    IN CNAME
    vip1.g5.cachefly.net
    vip1.g5.cachefly.net
    IN A
    205.234.175.175
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    172.217.20.196
  • flag-us
    GET
    http://img.sedoparking.com/js/jquery-1.11.3.custom.min.js
    IEXPLORE.EXE
    Remote address:
    205.234.175.175:80
    Request
    GET /js/jquery-1.11.3.custom.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img.sedoparking.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Tue, 28 May 2024 05:15:51 GMT
    Content-Type: application/x-javascript
    Content-Length: 25176
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=86400
    Expires: Wed, 29 May 2024 05:15:51 GMT
    X-CFHash: "7dd2fc9525d32ef5c44abe9036c98ad1"
    X-CFF: B
    Last-Modified: Thu, 28 Jun 2018 13:09:28 GMT
    Vary: Accept-Encoding
    X-CF3: H
    CF4Age: 0
    x-cf-tsc: 1685886798
    CF4ttl: 31536000.000
    Content-Encoding: gzip
    X-CF2: H
    Server: CFS 0215
    X-CF-ReqID: 89a4fb1b9ab7c0f91d09e7082b6712ec
    X-CF1: 11696:fE.lon1:cf:nom:cacheN.lon1-01:H
    Accept-Ranges: bytes
  • flag-fr
    GET
    http://www.google.com/adsense/domains/caf.js
    IEXPLORE.EXE
    Remote address:
    172.217.20.196:80
    Request
    GET /adsense/domains/caf.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Type: text/javascript; charset=UTF-8
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
    Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
    Date: Tue, 28 May 2024 05:15:51 GMT
    Expires: Tue, 28 May 2024 05:15:51 GMT
    Cache-Control: private, max-age=3600
    ETag: "14758230698620770899"
    X-Content-Type-Options: nosniff
    Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: sffe
    X-XSS-Protection: 0
  • 205.234.175.175:80
    http://img.sedoparking.com/js/jquery-1.11.3.custom.min.js
    http
    IEXPLORE.EXE
    1.0kB
     26.7kB
     16
    23

    HTTP Request

    GET http://img.sedoparking.com/js/jquery-1.11.3.custom.min.js

    HTTP Response

    200
  • 172.217.20.196:80
    www.google.com
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 172.217.20.196:80
    http://www.google.com/adsense/domains/caf.js
    http
    IEXPLORE.EXE
    1.9kB
     77.4kB
     35
    60

    HTTP Request

    GET http://www.google.com/adsense/domains/caf.js

    HTTP Response

    200
  • 205.234.175.175:80
    img.sedoparking.com
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.7kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.7kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
     7.7kB
     10
    13
  • 8.8.8.8:53
    img.sedoparking.com
    dns
    IEXPLORE.EXE
    65 B
     134 B
     1
    1

    DNS Request

    img.sedoparking.com

    DNS Response

    205.234.175.175

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
     76 B
     1
    1

    DNS Request

    www.google.com

    DNS Response

    172.217.20.196

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f891d92f29e7ec2dc772018ea7327aac

    SHA1

    8fc5edcd331ed60c2ff6937239e44c1e4ba7d450

    SHA256

    374af1569e32dede467c918375cd27d0aa1887e6b1c64eef7ebd76e9186847af

    SHA512

    dc7fc7fc296a051e7210691ca423bfef1ef9cfdb80b76b04b8bf654b0bb28bf283a31e03da7d9fe1b0f724a00640ec6305d6a70136abc14ac41cb73d3a65a03a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb3994f4e715b4e21496142c62e475e3

    SHA1

    fb7a1763cc9f4354d4baf28ef3779c5402e51aee

    SHA256

    3ba103f91947933267c2d74e270c00a646f0e0307976d2f65d8dccfb2e0f80fb

    SHA512

    4dc679de206a6dd548fa49f27a6e80776a515d12be26a485b9cffe5d33906f64415e4e2be5bfb17ebeb170c5095a78a719bba1362f428fa1253c4291a50809c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cb638e394ab8b7adbbdea2e3d080cde

    SHA1

    61657a62aca661fb75b51b785276a1a24ebbc1d7

    SHA256

    ce21ffc47db91d57cc65f2aca6eaa7dae9a2257e6ecea2eaf41b8c30e56ae2b6

    SHA512

    b1813062bf13f89378484e6d9003580cde7820b938b1d0fcabf3fb661ad5513c59e16b296e88eb2e0dd227425cd9a281bb393590906464d30d876e9571ff7cb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43e1c9e642e097b484a60ed882fc72ad

    SHA1

    d6f02adb39c7f05ad81963483e588fef976b19dd

    SHA256

    2515667a6c83aa2798f79f9267a94ca511fb01a9f12ded62cd42f61d2b44e581

    SHA512

    d9b424cf9e0e3e42609194b30db5f8558b3d7f676845f0893a526057651947cf326ca9e7e54498bc9d934b5d2f87b32dd168e5536325c279e349585e2ed5f708

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f47955ab93b052f889f39d6aa7ed775

    SHA1

    8b4e5a4fc20190d54598699d4901afc6b30f1006

    SHA256

    69579aba542876b5b49137d7c02897751f9387a14578bf3c1e0c65e4d384d1c7

    SHA512

    e009019358b5f577e7c5cb274cd7e3b5b637c71f98ce8063aa648bd3dfa42aed18fdc000621a66815028e1ac83ab7dfff63ae244188bca622b248ee749bdb728

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3e3028be9914305c2d3c3b246f71e93

    SHA1

    c243b8a05c47c7a411cd0b4002b174940e2d1a80

    SHA256

    d627d923ea786cb9e74cf33563905dbe537b8f27e990cfbdf534383ef10a2a80

    SHA512

    1c8d1824cae24364b2e2bf799b489677a05ad70b2eb2a6cad9b5488de6105a5b5ec877238233ba8654a7fbfbd6345307bd7ad711fbec5891c9b933538efadf5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f86dfe380232c6a19d1c21e816918d1

    SHA1

    f83501594cfcf7b59d3a63b7bebca5167a96024e

    SHA256

    82dedfe8a2dbad027107720ac714b6cae551cf0ceea151f98c3fcff8f8a0fcb5

    SHA512

    128229dfff11d49c38e4a1a39bdd58deb774ec688416b9de7f1bc93ae50957d254dd329765d6f2eb5c2bd77a4dbeef58c0d61fc39267b4f688c520e632d493cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8675a7d352ff6317b99df86e85f60a03

    SHA1

    f98d23c8bb0d87d3f8d1567ebb782c413cb05064

    SHA256

    76ee3c9df991e76731f9bee6f03b0b4247f808cf5871765d80d79a4739b8870f

    SHA512

    1f31538e807aab012627130a3c5b039b547b13a486e7c280d2422202cc295fe9ddf56bee257c54e62dfcf032e345455d45aff740339415768e62a38e30cbcffc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b3607d00188b849654ba1e6dbfae2be

    SHA1

    524f36d80662bd9a7b4b2741b3534e99d86fd92d

    SHA256

    5b5b9abbc9afda57bc42b73aa48a6675d2290ec71948a620e2d5c26398558668

    SHA512

    807e9497de7b0b6855a32b1a29231d796980301be8c3b107ebe72d9cce4f3aa7573d0373b6de7f85ab60f6209343ccd90f5cea2768a65b3e9c9545ece04202ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8edb3e150013dbe560533c55c620b019

    SHA1

    60c3f139eafe0794f2ba80192df2596b98ac0f39

    SHA256

    1d0318723170b299543d3e40c8b6cf130311eb196534ab29b3db4cb1ec6a9d1b

    SHA512

    801308fb84157da815a1dc5436a1fd0b27df3b0bf27904107ad1151bcffb62fa0e8d40526c731d25afbd28bac96788830f727e7b96cde0a4cbf04b8b6987ff61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcc459c814e6adb3ca87c11f5dea2f85

    SHA1

    066ef9dabbd4064599237a7f19b995b75627be33

    SHA256

    f9331465483cb61cf714a05203d711dad1fe89238a8e771f29a7f2db60eb9838

    SHA512

    7cfedaff2c79eb75ce1058212a3e17530daa0025d31537e3d09af615db0c7cb9c6dfc01a7243ff19ebc40492504d3e5222418ff9a3e93f49ae0449e766c5a613

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    388efa7e3b85866154177c5c3a728447

    SHA1

    e5c3338374455339ffd324844fdfa8da84f29ff3

    SHA256

    03bc1b9f04ffd81d0bbf52e9877a64d6b53c162b592219bc6212019a3ed7d5b2

    SHA512

    4c4553ffc0f3bba222221ff71d6d99458f090f38d33b41e876641f06b9c288ec7abb93b6b4c96b3690886b9ee15fb4844db725d3872f35a2ae1ff39fcf95bc74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bbdd8611a1021dbd7e9f7428dc217c14

    SHA1

    d860476c28c0a5e22e245ea63fa138c1399f5e50

    SHA256

    81ab89b8f96e343d7b735b6d1e6d4e8a8281b3a512d36adf3bbe492a527714ff

    SHA512

    c3a33836501a69b9a3160ae49278b2c42e6865ba4a6306e7b5bae135ba631fb25397c1ae6ad03e15a440e04baf9be4e90e44bec94b6307061207b3797148ef1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59ea8318d8c6c74d987dc0ca9de7c554

    SHA1

    79937ed97ea98b8f1d4fe2e4bfd4f765de293c1c

    SHA256

    43dbb30732b3336461c7269cb6efd2b55be199a0713c5247c972f581a5062558

    SHA512

    f2fad612f129631614dcd7f7ffdbb6156e8962ab01087157acadbeb52dc4d5ae36a941836687c91c6bc6bc3f2c16931eebaa1ea865689a5066e60655ebd0712a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f00e322533490d0e6bc82a0680c01d21

    SHA1

    77990bc3d877a451a0b265bfbeaabc1e2d41c32f

    SHA256

    e459a5f99d320bfdcabdc5615ae787f889e7d2a52dc9d71f4f8c06fa644d96ca

    SHA512

    2deb62c18aa8abf557d55ad04902325a79b36972fa8cf863a588f488f3d01f58921fe689a8c268317d1af632fb3bc683121c8146dd684044a37f03982e6bec08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30b1edd89f0469754adf8a7b93b3ecdd

    SHA1

    d0654f172bf0cddd382e1cb03821701d8b02fbf7

    SHA256

    37cbb983a21dfe29c53f8d40603a5fc1ed32afc5b5e532e4265fc87f76d44b6e

    SHA512

    fc045539d122633ed7774c70c21ade55c3188a8866b023da1e85596d02b834c4d87b876a24e3a377ec043dfe21ae522a74ec8e03ec37922b65037b44f1cb4fac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d88ef2b2af38bef854e8b7d5054e188

    SHA1

    6ac49496e12ddf4dbb6e305f3713e676e31f186e

    SHA256

    69601cd79226c859063e91c3c6b630226748d6f3ddfbdcdff02142a525644f2a

    SHA512

    8daba64b18e28ef5cb694aeef8b12620057935e556fee5191d092b1f41144043e8c1d46796cd84ea905e2c0bd70fb54c974864bee3930509ba4143901c1c3018

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f6936b2ca91e8a181345fa2a5aa5ce8

    SHA1

    a0ba7b19d813880b17d671a6ddd490cb52648eef

    SHA256

    18130911daf5865a3f1ea7e631e33fea468e12f53b2f6befa71e32778cf554f1

    SHA512

    d91b0eefba9a919639654f9967a141220c965ebdae307808d0c734cf5b2fa769c069fefc528967d1b6d2b27c522444351945d372771db29e1a5d2a1f2467672b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d71a918a0520d3fafab1d199a4688c4

    SHA1

    bbe4036b67c45ac9d2d5a5f035f19d1230a4bc03

    SHA256

    84165ec6193fc8a3ef9a9916626feb3adb33ef0887f1295e0077686c92c50422

    SHA512

    9d14fa1717118df3c42fce962aa798a1702283fc736cc5f27246d6feda122241dcd2e8751fe8e54852d58267a16e6f455f5bab2584d419642f5d6c346a09dae9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49dd799c10ea5803588582a0f41f2797

    SHA1

    bb3065b80ce35d2b7fee78ef8ac78871b7650180

    SHA256

    80630c65183c8daab699a5fea7ad6e52c59a288f8acdb41c1388e5dc8e709490

    SHA512

    56bc9cccb2f5ddf8a9704f84b7f104733ce45ec6352c16cb3c8bd7c1fd8ab15365e6a23ac8709d94e18804591e6d44e3f4bc51c7e8409cdf58969cf240b12625

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab288A.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar28EA.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.