Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

842cc5972d...8.html

windows7-x64

1

842cc5972d...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    30/05/2024, 12:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    842cc5972d15dfd1ca02c48fa7e16b4b_JaffaCakes118.html

  • Size

    3KB

  • MD5

    842cc5972d15dfd1ca02c48fa7e16b4b

  • SHA1

    80f3a810200b38f69718ceaaf8ef136f9cd81c8d

  • SHA256

    3c8fdb5191fd60a5007acd7c55cecc6593539b96fe402ce2e1aebba0d6e55a28

  • SHA512

    35e426758740f7fec465a9277e6159248fb8911c9b5cf37a455df8a6bf5a35faab0a9207aa641fdd17f840265aeded9007262fa251a8881c2fffd40be10061bb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\842cc5972d15dfd1ca02c48fa7e16b4b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

  • flag-us
    DNS
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    party-nwvqdtumtz.now.sh
    IN A
    Response
    party-nwvqdtumtz.now.sh
    IN A
    76.76.21.164
    party-nwvqdtumtz.now.sh
    IN A
    76.76.21.142
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    216.58.213.14:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Thu, 30 May 2024 11:25:01 GMT
    Expires: Thu, 30 May 2024 13:25:01 GMT
    Cache-Control: public, max-age=7200
    Age: 3917
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    450 B
     259 B
     6
    6
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    548 B
     306 B
     8
    7
  • 216.58.213.14:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    864 B
     19.7kB
     13
    17

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 216.58.213.14:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    464 B
     259 B
     7
    6
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    412 B
     259 B
     6
    6
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    334 B
     259 B
     6
    6
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    334 B
     259 B
     6
    6
  • 76.76.21.164:443
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.7kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.7kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    1.0kB
     7.6kB
     10
    12
  • 8.8.8.8:53
    party-nwvqdtumtz.now.sh
    dns
    IEXPLORE.EXE
    69 B
     101 B
     1
    1

    DNS Request

    party-nwvqdtumtz.now.sh

    DNS Response

    76.76.21.164
    76.76.21.142

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f4e58c00aa1f74f4ca875d98631eed3

    SHA1

    2fcf69c57324d7f7324cddb6621508171ba8408e

    SHA256

    a99b9e224e0079db5b8f0974ade0e79e1628faee7556bd4405c39cad2f8252b1

    SHA512

    aa1fddca4a55531c1a429b01dc5fb95b870183ace43f287f331084137be40aa972931ad06d3407e395945c17c3062a7f8616f2725453952a62766eca19d72f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9f1e307f2ccfc89d4e83eac9b7b46d6

    SHA1

    5fbd24d7518bea1714a4f76f27b9aefc277d839b

    SHA256

    3f910168c468050160bc14444f2d4e0964170efe9a7594562c9563c9d6d524d4

    SHA512

    d48916bffa776737a0d9b2c201d4fbbd618bb6f5e1f5fcb5ad15758abecdc2d67e71a2c74da466a3b1954611222c955601e45420bde256be8c408a4bbbeaa99b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    423c5333fb6c1b93025747df2670f9f7

    SHA1

    1d5d8870199a33e13329e56f1da6a6df8ae47630

    SHA256

    2e536dbe1750b711eef54184a568c5609f99360e29aef4d98257a867d0183c87

    SHA512

    79a5cb0820db124b8fc7bef59c603c8af53eedad60792db71becdbd4f20e28f8b366121aa6225b976fae69f66f6abbf00f9a0274fa0e52fa0ae4b85855f865d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3c31b604b52e11f9fff23569b64e7fb

    SHA1

    f38bb05e3c99d660938f09fc968828731fa60c66

    SHA256

    25e83683922c5dc7f3e5575f867edbdd902b6eb1cd61180f9e43d94a97835986

    SHA512

    be14b347135ef325a7f096de6cc77c665ab31e845319510a94ef59df5d340d813c1a16626e010bc7484fb73b17296f489ee7b0b832cc65435f52c7afcd09e12d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73eb230e4ac8d353a6cd35e98a590dc0

    SHA1

    5bf804595f722441b1ed1bf3a8131a4b3214960f

    SHA256

    48e14d3a5af1b3e6ff6bff80e304f7ef0610e01f4a882e5fb99e9fae4f4f1a57

    SHA512

    ccd032d6860ea02c7bfc8d72e21d2a3654fbe6086e1ae1a4f98040bcf60e010e15d12c608408b0bfed2b01d722514a53eda598e92f07f4cce51344019d8a14c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddd7c12b019cde9d18ee1a16cf3633f4

    SHA1

    27a18b8f17b26e1d3b1055ca45b8a9abf649c07b

    SHA256

    12819086d4c1dedfcc5d5c82644b0eefd75a041059dfd4b4af1197b28070b84b

    SHA512

    25b97d2cc93f6a44c10dc69ab0253e995859a66c6a296eed93b1ef90fe42506dc7d90adb66f1d1ce5801ee884a36f199599bef991e459d08f08a906521f0aa4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e704d95594c5b6172d858d1c1774482

    SHA1

    d57d21354a4d9c8a1bc88c19443b8ed3e421ef0c

    SHA256

    464931c0a1cc97fb5277fcc4e11beef332bcbd0e31051090bc36ae47d39ee170

    SHA512

    56a9dc52457d8c8c25fdea0c5a269ab30546543b9a53671ff7e81479f8aa99767598af6a663df2d2f49d5c527711efd2913ca8b1ae12575fbdc3b0f4497422ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95a12ee4119c7ad5199b1a0ee5e15a1f

    SHA1

    f9a985f8d7d10a3ef3e0a8049a4f4bb9c8fc12f7

    SHA256

    6a4f4143f273ae8ae88f5c2c19d2aa1ddc243330580c7f1179cdabf5b467d6ff

    SHA512

    cca120aae3bfe90dd97eddb0d2cc46515ac19ac34193bdd48d4befdcfbf4d2d458e26bee6c4f51af5c566585ff1f07e5df0426298920db79f8d1a7cf808708d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f398cafc0c3738d95e4b7adbd039a49

    SHA1

    3559836b0dcc4744c91876c5d8a226867e262f66

    SHA256

    98860dbbf6c5bca45c29d1bd0f13d336011cf77a11d8008d1ba9c8745ab1e721

    SHA512

    f61ba13590512c021130a83a96ced83959a0829ff8b1c50e6826c4b1d449df5db6cbfa1b8830fef0728eada4ddad708144789e6d94f38b36e2eeda481642a992

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    270bd12ba678337e1ab296f5f6bd092a

    SHA1

    62a4bcff7a753005ba32a35bb88a96919205ca53

    SHA256

    0e711b34eb5f7a7d15c823b029a7a20584c0f8bf95239a59f012b03f3c97134b

    SHA512

    ddbd2c2393d07ffd2ad7543a63b039685107c6ac9d35f6245dad1e2c10ba49d24050169acafccda85567aaac9268330189b461bd4f1dd66ae8e2ad33af86673d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dc53401a9ab63032fb983ed11ad5008

    SHA1

    6efb12427924bb5307ac7830042efdaf93cd522c

    SHA256

    2979c68804deccebe3b31e3248e82f705976aa74265e631194d33bbbccddc3e0

    SHA512

    ab5c1ba69e7cf28aac5ef8e0ebbf4afa8d9aa799765ae3e87fab55a586cbbcae63fbef880345411a861f207c71631df0e4348ba302b22c3a962aea94f7285503

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1a2cbfb0fcf943fefcc3fb4957d6517

    SHA1

    507a373d73f5fa9e986065278689bedf112214ac

    SHA256

    2f0f78371fac1a6f0076549cc067c28b2724fd1af5a1668aad9d313654633ee9

    SHA512

    d6743ee8cfea418a99a9e3cbaf0d746fd037f65308128edba6fb3338fea9cc0f2b2452339ae0036cda400b8119d340663e41a2427e8fd247d0b842fff68cab8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e505ec963fedb0c7eabca435c9b80937

    SHA1

    5befcbbc093c8918f0258363356346b111c1e803

    SHA256

    c17477225bb1070068abfd81b6a9b710868a68f07d08cce11128607018ae6bd6

    SHA512

    5f885088dd3cbcd27db0f304a145fcadefe0372f836bf5155cdbd04452c01c50e794cb9d436a8f732e9dc9817849a6849c25f522d1554f914484b3e1fd8125c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb5ef8e44dc7126cc069439703ae210e

    SHA1

    693c1850e09c0d9a26bca877cefeba50633f9481

    SHA256

    6a5a909be6862ce8fac3fe4f6968861af2ab9abb7cbe92e643e10744c5bc6ead

    SHA512

    717b511940387f73de60037471f4143e2e93080f338ed81e05e53676b214bd1e37cdbc1536359362e53cae08ce818227b6029e5d36251b606c98868239ec418e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ee7207ae628b353c58bc70dd956754f

    SHA1

    d7cb1d0fb1f9ade416f2522e5e5905080d5af809

    SHA256

    7eecd7467766b8f750d8bdf1ec1b35690404da9737cb233ad359ac4fe9f98a1d

    SHA512

    411cdb728d48f4d68d8e76139016a9541cf7af6658e661cd0afd71c3a6c72824ec6ac7f613cff1d1e41e121913a9bbc6963335c2e5fc064229f18cbf3d1c2aa3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79f156a4ef441942a2aa7a8e1186699b

    SHA1

    5f09b0f008d04947d9a19c3dc16b5b5ed6db87e0

    SHA256

    b0314f870145f6d23a16926968b60cbed17b76ec6911f0f9643beeaae2bccb8b

    SHA512

    2194c1814a6bec3a641bb5ee142333b57dce6cc26006db79b4e1691b9e79794168d44d0af7a520949cbf4e9d6f027bc1bfdbfe7701bfefd2d9d370c9fd9eb366

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    129fd704f603e712f5f36f93a12f561b

    SHA1

    e2c9315c83b8c3788fd26e04eb7ecb9ec5d2ac7c

    SHA256

    6271a853657282a41df3906563bf9be24bed63c9b53045cf0025b3826eb9aa05

    SHA512

    5186305d1ca0674d93e8dd5534e688c316332e16d7ab934342d9ab00f2a1a473406b0d6cb9cce0733252e4b6308b3114b1cff2264560b04f1ea3ae6b0014619a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2002.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2102.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.