Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

16f4790b77...8.html

windows7-x64

1

16f4790b77...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    27/06/2024, 17:58 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16f4790b77734d204b10b96d3cdf48d7_JaffaCakes118.html

  • Size

    105B

  • MD5

    16f4790b77734d204b10b96d3cdf48d7

  • SHA1

    9f082e1192e43f25ce15c6a9a04cfd5dbfd3bd64

  • SHA256

    033ae2b2364c971f1e125a5d38b52da0bd6181d7e2b5ded3930a49ec744dcfb8

  • SHA512

    6f51c44576880dfffce167de6fa06d75e65af103b01758fb299aa18db677827d5b5ea9bb5d3f4d78a085d59cbca3f8154d5bfdd8734f089d6b36718071f91496

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\16f4790b77734d204b10b96d3cdf48d7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:772 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

  • flag-us
    DNS
    limon4ik.co.cc
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    limon4ik.co.cc
    IN A
    Response
    limon4ik.co.cc
    IN A
    175.126.123.219
  • flag-kr
    GET
    http://limon4ik.co.cc/eleon/getexe.php?spl=mdac
    IEXPLORE.EXE
    Remote address:
    175.126.123.219:80
    Request
    GET /eleon/getexe.php?spl=mdac HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: limon4ik.co.cc
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Thu, 27 Jun 2024 17:58:19 GMT
    Server: Apache
    Location: https://limon4ik.co.cc/eleon/getexe.php?spl=mdac
    Content-Length: 256
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-kr
    GET
    https://limon4ik.co.cc/eleon/getexe.php?spl=mdac
    IEXPLORE.EXE
    Remote address:
    175.126.123.219:443
    Request
    GET /eleon/getexe.php?spl=mdac HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: limon4ik.co.cc
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Thu, 27 Jun 2024 17:58:27 GMT
    Server: Apache
    X-Powered-By: PHP/5.3.29
    Content-Length: 47
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
    Content-Type: text/html
  • 175.126.123.219:80
    http://limon4ik.co.cc/eleon/getexe.php?spl=mdac
    http
    IEXPLORE.EXE
    1.1kB
     689 B
     11
    4

    HTTP Request

    GET http://limon4ik.co.cc/eleon/getexe.php?spl=mdac

    HTTP Response

    301
  • 175.126.123.219:80
    limon4ik.co.cc
    IEXPLORE.EXE
    152 B
     3
  • 175.126.123.219:443
    https://limon4ik.co.cc/eleon/getexe.php?spl=mdac
    tls, http
    IEXPLORE.EXE
    1.2kB
     5.9kB
     13
    11

    HTTP Request

    GET https://limon4ik.co.cc/eleon/getexe.php?spl=mdac

    HTTP Response

    404
  • 175.126.123.219:80
    limon4ik.co.cc
    IEXPLORE.EXE
    296 B
     136 B
     6
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    1.2kB
     7.7kB
     12
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    999 B
     7.7kB
     11
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
     7.7kB
     10
    12
  • 8.8.8.8:53
    limon4ik.co.cc
    dns
    IEXPLORE.EXE
    60 B
     76 B
     1
    1

    DNS Request

    limon4ik.co.cc

    DNS Response

    175.126.123.219

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68472fca4e3d3982b8f8379a4b0d14ef

    SHA1

    1b462f0541cf967ff54c15cb3f0be2ed64923acc

    SHA256

    f62820b646ff2812be40512c3a11639674e84f01f366d2600c8350fd3ef9f528

    SHA512

    3a6d0e0e9aba6681d0e5b1f678c2db93a972c95b1bb49f7128fbe6f912189bd27332ab73a7f44f77adfe592b2045028de06819cfe70dd1eaff54ddd883140515

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a522ee9f9454e180da3f9ab0130942f

    SHA1

    603ba092831ce645fd601c11987a4d95a3128259

    SHA256

    3f29d9ca0c0e49755a31e301ef6444dd0241a49cedb4f05cb84113db26d2982f

    SHA512

    f4063837499488fa4cf2fea6f384d9aba484a2db232eb15c4296d01ce82b7ba51b85fc56bf96dac52cfe1411cfdd4b5b220f62d76e8247c5eea80a1af64690a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e5bfba06f7e1b3ae4c39eb1e7d1eec0

    SHA1

    48e644f74723a8d2a71af6796e4bd35813ef9caa

    SHA256

    6a4da3e610dcd3b563ab7d6b25d8c21270361611241251017afc33fe3c03c9a3

    SHA512

    b7319d8f27f9859a85c650f72a0f6fa13106d96d7c7c050b8e97032d6e53017491222cfb5d64be8b59d9e538f489815d99959ec289da130fde1eed8febc92741

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    298f29444e6c435fcb451a5760e1c3f3

    SHA1

    4d45f4cf7e7dec4f1675a7096fe09a32a558d329

    SHA256

    5a34b6930b541816c204acada2cabe98f0f57a9692628503e17b8a1ad002ba34

    SHA512

    c560eb57e2e4b4cfb25d8a1fdcfacd0ecba13516814ad64c9005af0f36dbb05dd1f81c61540f7e35f43b473d50a66b3e2720c16729b7195708fc5c28a50e0099

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddd29499f5486bb5ad444961c5a8fb0e

    SHA1

    2e62e4fb6cf8c3a8c1c557c28e7583f618e27beb

    SHA256

    6492954d2534365d52bedc6edc80cac21030c76c8586d968d2c9eeb4c9fde3c6

    SHA512

    911fb7c88ff4f2aa0834179f20b583fd769fb4f58b5676493133bcb4d579a7a2c4005fd03e0ad18697a3499f6dc99ea38ca9329b3a05420c626ce8f49adc34f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4195be156be4eea5e17b324e3f545c64

    SHA1

    c6862399289e0debdfd2228384f316dafa3ba812

    SHA256

    741e0d698a6436e0c07c1d756ece535cc9c5a506a8a2de9f22f2a6295bdddc68

    SHA512

    705937e4a31c5e81ba5deb87277a99e80a3c641ebc09bd8b737e5fb95242e368cf7b6d075af9faabf153c5079c72e721db3bb8adfa279388d27a6f1487785992

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b3e781e757604959aa5e7adcfd4616f

    SHA1

    83693005d3d19ebc9404d430c4f7b10bb6dabc98

    SHA256

    33d8c3457120b42e26e593230015e6c7c6c7d574675a407408e5a07de4033ee8

    SHA512

    752350713eb99a7506dce6b4bb9b453b6d92b1aa1528f738af261cc148372f8d4509f74e1a6250c9111d74c53fc58666f5494d9c2c3591d4c59853c75672116e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2815af964b07dd8bef3150e5816423d

    SHA1

    b927b7fa678005290ca13ca460898985ae645073

    SHA256

    e8f2e8161ab2706381d78126e3ff26908d8638b059a82f27d690366e3eeac299

    SHA512

    b602ab25b7fe02c00cea43c57bd8f55d79a0844445eec92fc51be419374b18c8e03c5b4ca235ea27a5bc3112aa662295a80694d3d34c24c532ba78f339d28583

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43bad1ebf1a45bf7ba1f8265aa7dee7e

    SHA1

    a2697675bc3db67fddd9c24fff18da80e19ba46a

    SHA256

    05c97ea2c5de138e67a186a9c4ee2cededdaf08ea865abec5143047e6e76f57e

    SHA512

    6a8718f7ac69e2360c91d48af1e5595d39077844b65f8d996f321e3fcf9d7168cded3482349483b063c46a36da7c4ad984633a33ff6631dfe8307824ab56f42d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3f357a895afc6ed57b52904e4712677

    SHA1

    1d7dd27927e45fdd84a6ad7475374bfbeb1298bd

    SHA256

    cda75f8dac7fd6b02ac70436389cfa8934f85c65e74ee12f44b263057fd3d94a

    SHA512

    2bc2cc44edfde5e8af947f15b8f34d775b70d2818148029a7044982788d62d2399b532ca79d9a09e6d508810609739b68304b7429414f072f9faea41fa3c1e1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62c6dcf0cec6e01071b8ba81825d087e

    SHA1

    6653899973645740118de68d112b439b4af79f8a

    SHA256

    347bf3405d00b162439dd4d6a9bda61c7d38ac41014d48d7aefd360d64feeabd

    SHA512

    00c4780d998e98751c0e116894b6b131e0abf26a0fb95f380420c485bbb7737818ba07e58e8117607ead8914eb226cdbe9a007503fcf1e622828751f1a0d854d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2982843034da87a09e8b8dc815a07714

    SHA1

    d1917e6691ef60aa33daceb7cdfd2ec91d485431

    SHA256

    d240ff0c0feb5e32c8bc0e552cd4861b0a2211709941cfe68558c0ecda9b7c9b

    SHA512

    19e49eb574653253e2400c95a4ab755d6b7c4ecf5f094d081a93587f5680b2e1d35211475d5c00fa84ac00a610c335182fb1643b79bd03599ad9396138562d84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b94e997d62e76c4bc8a05970fd426c6

    SHA1

    e39db79a1b13589c2cc17dafbf80d3732584319f

    SHA256

    d3d17fad2153d7c3198d75c1172e4c808def92d49784e67cdba510eb2ab10363

    SHA512

    d548ed05dd1b68f33a71dde03606b03b71db11f13f9442a2fabe6356aa07e8d417fad5f3d6dfcfbafe384e2599b9e0b628733940e33db81b0be9472cb1266ba3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09dbe74bfcdc702fdb5703b4d4e178d0

    SHA1

    a0b244c6fc861f00d0e1aa80a67a2723fac8fcb3

    SHA256

    83d7990071882f5049995653bf74d7816988ad3ab06a856788c18d265e10a326

    SHA512

    ca6cfd7f874fee2e7e8ccfbd4f87dd78d252d0fe5753dc6a36d1bc20b01b9fab86c1eed7c30fc949e152ecaa5262b4280bd6f508cdbb4b7169093fa5add0fba3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aaf35e211fa505eb0b302a97e8023e1d

    SHA1

    49e792bd0174dc91adddc5f385a46ee6cdd143e6

    SHA256

    89c168a9b68fbc6d436fc7ec17be57367385029dfcbf543c7bfb5342ef5dbe07

    SHA512

    e1edaea88346bc21e0ab3069db4291a41fa4cb81c83a285fff7efbcdbf49da15c27a7d5aac9b97699468a4f60e42359e24cc2d9c537d6fa3e15e635ecfbe228c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e7a34364e12ddc01e1fc1332a0f243e

    SHA1

    c7dea5182acd4fc9419f94c2c1adbf6ab833b5cb

    SHA256

    63ffabe0f10d606b9ab611dedde11c3cd97e5c691058c78983a2e185478728e3

    SHA512

    96388ac5e318fff5dcafd5b3ebdf531f94be779a39bc9c496f841ed623727d96d07b97a0d6405879f24987709120fdc0e1f5f3c7c21cb876b5e9a47f1d913e1d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab209C.tmp
    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2170.tmp
    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.