Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

261ba89ef7...8.html

windows7-x64

1

261ba89ef7...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 20:11 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    261ba89ef79023d203d8a8227369140a_JaffaCakes118.html

  • Size

    6KB

  • MD5

    261ba89ef79023d203d8a8227369140a

  • SHA1

    6e386751eeb644f979cc2d3e8566c9da587324ce

  • SHA256

    1c1700a086948e355af0dcbd2d58140f67e0ebe11ab748df33f4c3f9bf6b77ca

  • SHA512

    88f7bf1b231918ffeaf95d12636274cadb4d0aa8f9ae4a9ea18212c6ca891417052c97ecaaa7c92e5f93eb1fd17aa1f17ad91d84441be1625127d8f2ce912c88

  • SSDEEP

    96:uzVs+ux7U+jLLY1k9o84d12ef7CSTUiZcEZ7ru7f:csz7U+jAYS/hb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\261ba89ef79023d203d8a8227369140a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1976 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916

Network

  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
    Response
  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
    Response
  • flag-us
    DNS
    fc01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fc01.deviantart.net
    IN A
    Response
    fc01.deviantart.net
    IN A
    35.81.236.82
    fc01.deviantart.net
    IN A
    54.214.192.190
    fc01.deviantart.net
    IN A
    52.27.45.179
  • flag-us
    GET
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    IEXPLORE.EXE
    Remote address:
    35.81.236.82:80
    Request
    GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fc01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Thu, 04 Jul 2024 20:15:19 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Server: nginx
    Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • flag-us
    DNS
    orig01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    orig01.deviantart.net
    IN A
    Response
    orig01.deviantart.net
    IN A
    34.218.68.46
    orig01.deviantart.net
    IN A
    54.189.14.144
    orig01.deviantart.net
    IN A
    35.165.70.199
  • flag-us
    GET
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    IEXPLORE.EXE
    Remote address:
    34.218.68.46:80
    Request
    GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: orig01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Thu, 04 Jul 2024 20:15:19 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    Server: da-redirector/0.5.2
  • 35.81.236.82:80
    fc01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 35.81.236.82:80
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    http
    IEXPLORE.EXE
    606 B
     634 B
     6
    5

    HTTP Request

    GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

    HTTP Response

    301
  • 34.218.68.46:80
    orig01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 34.218.68.46:80
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    http
    IEXPLORE.EXE
    608 B
     387 B
     6
    5

    HTTP Request

    GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

    HTTP Response

    404
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    counters.gigya.com
    dns
    IEXPLORE.EXE
    64 B
     129 B
     1
    1

    DNS Request

    counters.gigya.com

  • 8.8.8.8:53
    analytics.hosting24.com
    dns
    IEXPLORE.EXE
    69 B
     124 B
     1
    1

    DNS Request

    analytics.hosting24.com

  • 8.8.8.8:53
    fc01.deviantart.net
    dns
    IEXPLORE.EXE
    65 B
     113 B
     1
    1

    DNS Request

    fc01.deviantart.net

    DNS Response

    35.81.236.82
    54.214.192.190
    52.27.45.179

  • 8.8.8.8:53
    orig01.deviantart.net
    dns
    IEXPLORE.EXE
    67 B
     115 B
     1
    1

    DNS Request

    orig01.deviantart.net

    DNS Response

    34.218.68.46
    54.189.14.144
    35.165.70.199

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e639a14981ce4b1bd413d18b7dea244d

    SHA1

    9b860ccce9ff503424268c6c3174952fac140fb1

    SHA256

    8104f98f87ffac3ab2cceefb1b16bd5661aab1932635c8c432833a17dbc9fd77

    SHA512

    4fabd5bf980b7efdcee7f9e45dba50d4a521b6b740a48c6b45013cb20202a28bfb88f3f7aee952b32d15457ad3fe1ef05ea64679f1623bc64a0def92769e76c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4afe1091a09ee4b59a39484500dc180d

    SHA1

    14d9d7d403b2234a842e1f67f8208e6349b857b8

    SHA256

    eebae9f92a8478a926fd113518e433332ef1c18daf91524551f2730260fc869c

    SHA512

    58d9cb35af4b9236a6c893afcc5bec5a6adbf3d63bf4e6c8a066c6a58715913ae3eb87c1f8efd7355b162258cc47466b3038de183d1da856ebcfcce23fd72d0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee15707f620823bb29a47b32ad1dba23

    SHA1

    be6ed12f37cd72a761c67480f150c3b78f9979b1

    SHA256

    75b6dcdd00153579cfc938ee546255c51ddf3cef9a50d47b4fde297b7338e28a

    SHA512

    b39350fea08724e3685983c21a6a3d2410b13f06c7292898a9bc042ff05cd6bda4eb0d56d4b10cd5ac2a31df1fa4be992cbf08fc222a8e17acdf37630b23e52e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d6faaaa2284825bd6af9895f4f55df5

    SHA1

    4e3b4e3e9dbbce92abea58acb8d542b2c7a41c7e

    SHA256

    f06f237f2288ac851f30ec876b452cf1edb326556fcde656235d8df81eaa6c42

    SHA512

    c594440fd25b4042b901ff03664bbb94f9939d61a8ef91830e3644223696d73f0b0870cbc4f76dcefe60d272783dc0acaff4401195836e02cf4c5451a71f57a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    025cd80b9780707763fa28343a5dd33f

    SHA1

    82b230269c965dcd5bf14fcb9e6d3899b02f96ec

    SHA256

    61380e8d98a0665e98bab5340f69f34308ae0558519c7a87429a7db015e2fdf0

    SHA512

    49ebb6c7548c9012f7fac389fc997eb96d3e086808cc38c92702e2f83b756478e56fb15b86831ee597c7d5e69d43eee9d1ca7e83f0d4a5f30ceefd63672354a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b737ad6d590f844733e16f49d6ac101f

    SHA1

    693b7d90053700fd8bb89fd782337cbe6467e93f

    SHA256

    99e2affff8202cd31e968a327dc184e923ddbd0fc9e96de369ccba472ad6ac0f

    SHA512

    7c9882986f078d1bad1ab5d1686f6920fc5a6f9d58022680ce50b9f18365d4b1d291669c92449833a9b9171ef040ea0e24671ba2624f57b1715eb956ecbcca1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a65899303a25dc249913441fb696c450

    SHA1

    2034e2f86325a7abefb51ca144fb97e50ad3566d

    SHA256

    39a79c252966d93413c2f3c11ce3df2501a102cc23d32cb59fba1ccfb4a1bebd

    SHA512

    7d5341a786cb87735e7bb72cf9c03254f854b38babaa0cefd3d9d6bbbc33b0821e05683d476909f5c0ab9d2d9fa497cd7a42fe8cf205816b76300eee69606b3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03421c8c772fa58722bda708000fb650

    SHA1

    56a93d329bd06cff2240c513dfbc3b4de806e811

    SHA256

    878faeafb901e797c9e65dfedd9cdf7b4f85d98879244fec89be5a252afdb156

    SHA512

    8553350b6467b5be329913222118253b064de8782a3785e68bfbbad92a1613bf8cf333d093534b1ed306a8c3aa67374554edaf8f013e4ebb769ae4359ad2da17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b5aa0569680af1d3687a49131cbb42a

    SHA1

    1d7e4d2402cf784e096c0f9e9a3f03daf5657442

    SHA256

    2275f6ef0300b98ff39230c20d401063590da889a46c071e6488b518a69a3c07

    SHA512

    45a2ee2456148d5255ffcad8d456fe21f555e8e6ab6ea29a87adbb214c8e0473ca634c133c753a8b4eee81d07df8ee9fa749899de6b9ae9ce4c3c79f1457c373

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc6c7b0afe22b40745439a9f18b67db4

    SHA1

    25e1a7d7a962aebbc48a471cd80cba6c46a7dc40

    SHA256

    528639501386ba58796755aa248b675362a307ce941952314fe03e1ed82c3294

    SHA512

    a29c2bd6a43c1910eb8c85d5381d9f2d2ed60dabb6d44dccbbe9a33c6e836be10f2988d3a9a8273091e2d3cf025484b8b8e330a803484ed0f5f5d69eb2db0d06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    415ee74369ccb882c9e6612926a7e9a5

    SHA1

    117f2bbfee8523615fbb76dfd7f497007990373b

    SHA256

    992ace4a209089c7916067827174637cd8d3ee356c05f46f7252a414f18488c1

    SHA512

    0fc2741278ab1328602a57a193eaa79f885617fd1569466a8329b92b0edc8af14841be971d895736d5dcf01b12402bcda97f7b6aa64b5a1756f08b64eb4e0876

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    374e4981c60823ce6addd9db5378781a

    SHA1

    f8b9ad9b4b23ba814de0d78684c0d54823063e00

    SHA256

    f11577419863cc1d8745c5c659dd20f63a53b7716240ad6f09dd238d700bbf51

    SHA512

    6e424d560ecb600c8e76580d337c17a4e2c063b0ab3b18c677196350a0f8e26dd0b33cbdc62a55a8bc26bc61a3738fb5ba69ec782d7330cfd69459888c6b5dd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    334a50b97c7e6bb86f653732f14d5a0a

    SHA1

    fca51b31c5b30f0e6314a04d86339e74d92f8759

    SHA256

    ee9d641cdbb5c3410f4c9210ce8e1b9485120a7c4c57f1ac546a3bb7b7278610

    SHA512

    2af8d79c3cc8d757b17cc4b3a50cb53d0c97d610dd864185e5700c6e69a44d3d6bbe91732db365700983ce727c383e1a435b19c7d268a836c84a4cfef96c6dcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3950ab4783ca3755254d1eed59df271c

    SHA1

    696a82f9a9452f72470505675573f453051c2701

    SHA256

    6f614f53ca039762f2948483d67e63f5fd2ca4d6b3feb0cecef4d75990010d2d

    SHA512

    4dc3a4f7ef501815617804a5491de15da801b4979616555c4c50c14b22c1bb41605e99ba33efc99b1ebc972a4a91ef7ff9d976625101f01f9109bc6a2fa7a2a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    761609491021a509fdea8dd1899c1917

    SHA1

    d255fa05db9ec8fb68d562f7b42e449741130d38

    SHA256

    24555c2cb4c0072fecf65538a7ec7425a03162c178eaee128ed89695171be034

    SHA512

    4ac5933487ddb1bb8f9a2158e09ed2e6092cbd5c720035a4be8208e49b7a239fb5ffb052b3d7d4fbcbbe917f55f63cd7a80f2ce78ae21b69a04a33d58ee108b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3CD4.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E04.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.