Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

2df47334d4...8.html

windows7-x64

1

2df47334d4...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    08/07/2024, 21:58 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2df47334d428fbce4ded78b74d7d56e4_JaffaCakes118.html

  • Size

    10KB

  • MD5

    2df47334d428fbce4ded78b74d7d56e4

  • SHA1

    8105f6cb99d4c5dcbdb85fe54db4970cc77db8ea

  • SHA256

    d668843b6dddc397c348684ea2899db910054114b0c54095b85648dfca8b5a3c

  • SHA512

    d1c96b33b44d76cc25cef1b0b0abc25c3c9821f8057cdee05f8ad1201bef3ca07e062f1dcc6cc2946f438e8908c175ea9533953cef63519559c446f763d0b2da

  • SSDEEP

    96:uzVs+ux7UjLLY1k9o84d12ef7CSTUxGT/kGHp7+RNssJiusJbsJylVHcEZ7ru7f:csz7UjAYS/ASu6qxqbqyPHb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2df47334d428fbce4ded78b74d7d56e4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
    Response
  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
    Response
  • flag-us
    DNS
    fc01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fc01.deviantart.net
    IN A
    Response
    fc01.deviantart.net
    IN A
    52.27.45.179
    fc01.deviantart.net
    IN A
    54.214.192.190
    fc01.deviantart.net
    IN A
    35.81.236.82
  • flag-us
    GET
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    IEXPLORE.EXE
    Remote address:
    52.27.45.179:80
    Request
    GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fc01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Tue, 09 Jul 2024 04:25:10 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Server: nginx
    Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • flag-us
    DNS
    orig01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    orig01.deviantart.net
    IN A
    Response
    orig01.deviantart.net
    IN A
    35.165.70.199
    orig01.deviantart.net
    IN A
    34.218.68.46
    orig01.deviantart.net
    IN A
    54.189.14.144
  • flag-us
    GET
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    IEXPLORE.EXE
    Remote address:
    35.165.70.199:80
    Request
    GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: orig01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 09 Jul 2024 04:25:10 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    Server: da-redirector/0.5.2
  • 52.27.45.179:80
    fc01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 52.27.45.179:80
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    http
    IEXPLORE.EXE
    606 B
     634 B
     6
    5

    HTTP Request

    GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

    HTTP Response

    301
  • 35.165.70.199:80
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    http
    IEXPLORE.EXE
    608 B
     387 B
     6
    5

    HTTP Request

    GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

    HTTP Response

    404
  • 35.165.70.199:80
    orig01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.8kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    analytics.hosting24.com
    dns
    IEXPLORE.EXE
    69 B
     124 B
     1
    1

    DNS Request

    analytics.hosting24.com

  • 8.8.8.8:53
    counters.gigya.com
    dns
    IEXPLORE.EXE
    64 B
     129 B
     1
    1

    DNS Request

    counters.gigya.com

  • 8.8.8.8:53
    fc01.deviantart.net
    dns
    IEXPLORE.EXE
    65 B
     113 B
     1
    1

    DNS Request

    fc01.deviantart.net

    DNS Response

    52.27.45.179
    54.214.192.190
    35.81.236.82

  • 8.8.8.8:53
    orig01.deviantart.net
    dns
    IEXPLORE.EXE
    67 B
     115 B
     1
    1

    DNS Request

    orig01.deviantart.net

    DNS Response

    35.165.70.199
    34.218.68.46
    54.189.14.144

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f97db55268b22496a10cc901cdf0046

    SHA1

    976709e997fffb33319ccc9ae4899baad1506710

    SHA256

    38b65570e07cf9bc665d546f5679f39588e1b03922adcd984afa1a18eb176cc8

    SHA512

    ac4b2ea89199b5e0adaedc7f6e43d9859e3f57862cfcab10cbe988ba9d47f95fbd733f5411931961e8fc9475bd982319f93f69052c9b5afa0d4668a8804c067a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fb0f720ce96b0638a999fce77bb216f

    SHA1

    e551b78ceeff0ae8360c6789bffc28cfa55afb9b

    SHA256

    8a415eb07b90cba9a51cdde356aa694414337c05c893d779f022a64ab09d545e

    SHA512

    d1d2f256fba5b278032c43029fea978e903f205074f4bf17eb6d17d1ce11cc0f2865280aa42493f216f69b1c2c09d9b782e2bbef04db0a4d39677c6fe1a04051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    314cb12ad01b0d634a5107cf0b495bee

    SHA1

    dc5dcc39197e0fdfe6bd3c329c348aad1fe98bd6

    SHA256

    2c7c5ccf9fcf1b5e0bab30f7e7cc0d8df1bbad52650caaa1241c0bbbbd9ba541

    SHA512

    63006387842403bb7c53e5182e2a09906103a725eb6db5dcf2028cb462c1a006a91d1beac803c592f275ab5f7301dbbe19180309261bbd7921333018a5aac7b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99cce770960c5ee1fa00f64e9c88fb25

    SHA1

    6dc54c572af5618356c5ae10b4c1b405740043b0

    SHA256

    df94e8ba91a4df050bf01b5d831cc795122318004ab27d3eb9195352718d43e9

    SHA512

    d332700788be4ac478f43b7f025924138a40217c61c1e95f3b1b1a27654236512c9288ba6a34f1c113faae17d89da1003d4248188ca0c026b7b4e71def946ecc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcdfdbbe018ed6d6a4635c8a1d3101ad

    SHA1

    568a106607233ffd1facb3c8e0b2e31601682b6c

    SHA256

    15b4d82c990ca77c4ea0b96348e25c58e79804c45b226f675abbbb7c441ceb5a

    SHA512

    d3535a599de24919d7862affe2126ee4d1505220c63ac65f956dd22c0bf55469d36289e7928f46741d561b1273535b93d1cec9cc0b4190f750f81488209d5c43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb0bbd5742577d819f031d7ddd0092b8

    SHA1

    38894114e3efc40c088d8acffcbc015799247e29

    SHA256

    d9abe20cbfa37fa9528fdb4931393803563a9c7fa9ed04311916389352e1e283

    SHA512

    39588b86a7358d759f405d12fb7cd9c352a189c5c66aaaaa0fb996fbf204fdc9334cb409aaaafcd2ed3832e2d6b3fe264747251723bb997f9fc53ed6ef1cf5c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50cdcefa2515fa092a77a9cb17a25c7a

    SHA1

    2f13ee377dac3ad05e6e7ebed55d86a2eb875eda

    SHA256

    998db9cebdad8861b01cbde31f08a4556bf43a8f8613d0a519f60e6bba9a48e6

    SHA512

    ff7ce8c49d00c52eddbbc5260cc769a2a31bc6be270aa04d2788260c285d3cb6bb057a81750f66bb9c3bb2afb8c6d66294148fc2d0781915bf0fd4578f221623

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0e6f7cfeb94251ff1000a73b8b4f96f

    SHA1

    3f9c0cb0165244e09c769d1da4b8d750a05917af

    SHA256

    79a40e87050b257db45761807e4ee12a6dcf7232e82340b2cd44238bf1b70d5b

    SHA512

    e5fab66a5f599dc92079baa631161ba05036c3f73ac4533f139c96f230304c351a90df5b8df713d86a5e44d0364de797846d0ea0f3d4ef9f9c7db3b582565ba7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe9b7b98cd3b0880619a5cbbf570e3fa

    SHA1

    8fbfc3cc2287ae852ea9199e619476d1ed231f22

    SHA256

    f941602ec7930df48c1949db910af30e2c0d9615a3d27173b7bc611c9746e74a

    SHA512

    0e56d0efafd20bd5039c126bf1272fb7612e0d05439e9cdd1663481b63d89e425c7b14354bed8d23551ef6848120cfc389ca5d5018959c8454fbe55cddc45da2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    641f1275223c9eb04d70da3361a15d7e

    SHA1

    6ee725647fc8700ea6de86d5a6cf1cf6c1c0e702

    SHA256

    ee4c06bd194da0fc6c196ea3533d1df2c6f2fd3b0b85b315a90ca236f4a491e4

    SHA512

    8cbbd91a12455575015218d436068ed13852d9639bcd36129852ab09a979331d8cd6834bad070e1e5e1994117d85962e7b29e00e29cca0040069515181b18471

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a577bd449db99f867364436d27b87377

    SHA1

    4914b960f71a3319bd8ec6074288140dc42dc59f

    SHA256

    137a6b906ba206991a942f49de88380671f8107044be6e384673954adfc6c3f3

    SHA512

    c911f5b43ea9caf70d82a8997a465627c9cd9dbd9d0f1ff6704b75a4f46d251f76e0302392badb2490ba786f6033783f69ea162acb012c91b08a44232b3ae03f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2936adc197aff055154310f4245cc3c9

    SHA1

    c7ecaa43c4c5237297a50211a15e538a7bb3f61a

    SHA256

    28de957a2e97bb51ac71e1aa967332f1805e7fd44ba98076ccbfb6cc24ed8270

    SHA512

    625c45cdc7a82eccf2769f7780b4f8e885621f813815884a587895d3077970b7daf315bcde2f56f7a72fb440a8db7f6a1d48cabd7fcab29397c4912f8e270d45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a0a0097b78123439958cb4ddd11059e

    SHA1

    d8de6cb7b7331a7b0cb984c3df2cd90eacd84099

    SHA256

    01c54d6cb03fb2139f2ab0d0f2bbd6fee7df72b56a545c91951bfc63853365fa

    SHA512

    0673066907bcde0ad9c4997e88314b897bbd57ebbdcf8c783bbe464f11cc890a90d088ed85f57c018d80e28cc3ab8f187682ef800cb81a92fe80224e76610266

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc86bb21ff953b2e06316e6b89d38ea1

    SHA1

    afd30e1eb08b0c5ef9d8d9b615b0c442356888f6

    SHA256

    0e4e042ce268c5cdba28a6c33a447037d97836cde94152bcd364f6e4ba0de027

    SHA512

    15268a14debe6525dafed2b02176423c1003f7b7eb183b54f92303c3895ec0071bde126545a21bb417e830b9f7c1d3356e9b994d2c8a1ca6b83591518d6f6ef8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4ef115cf69bb90f8a6cbc8e89842058

    SHA1

    90cb21c7f7d2a8a0e7fedd845cd553a68959c86a

    SHA256

    bd7a8ac6f712d16b4f748e8baf2424c9a6191ac4d06890424797ca11c4fa34d1

    SHA512

    de05036323466c66eac86bfe42840ad540a3e02af29d879185152d6a8d9eb86176198d7e1ac89f32886854bbc0f3ebf60766a772c418bbc377c48709999e406d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1681ec1cd22a5875336af6d6d6605667

    SHA1

    09a318ce618a7cbe17656df2c71c86c74305b4e8

    SHA256

    62e53a969b2376be92a3c72fd66ddfac94399d7904138ddcd86031d758c9dcd6

    SHA512

    18496aa3f4874ecaf9b75e4efd2d9515e70f035bf2a6eb7929566d475f995f90e0f626d6fecdfcd114a813038bb6d086e6df7ae6e975d6a6eb2c98b20bc24a05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06763d8d765fc2d911d87a6a4179fbfb

    SHA1

    4dc46febf960bcbb95ebc9b2f84822162b860f17

    SHA256

    099bb67edde0cf54b2131941fd9f1faca92733e0419ff3b072b4add92e991ad0

    SHA512

    765a1772e013d0a0eb1a56926722a82465eb781247bdee242af0c6d77831f79c2b3fd6307ee5797727bb6f118fb80879c57d337f9b5682132936bcf33ad74fb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24ae2c4fcbed36d78f090bc6e0e59b2d

    SHA1

    d4c0cf6a1c47fea7ce0323f0042ad3d0106864f1

    SHA256

    364642141a6ee4a05dd02261151293ae39d0af44a995853e1dfddae8f907fdcd

    SHA512

    16886d29199ea2d6ebe2f13fddd93d3ede3cbd7a54e4075da82fb3ea5115766f42477acb8561fdd8a619b3be1ec07447a347ae429ab1ba0d25cd03f90744b272

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3f5996c48846d6dacd29b4abb41acf3

    SHA1

    6609246012c71f908f6b5d12210fa478d58d0bd6

    SHA256

    9e7ca42e4428be19e627349270cc5b3fca78fec0dd1875ab6d8c5d8d42d63575

    SHA512

    04a2a9b40b158e4f8564f86c35348eb6ed10b69a24667d1091db243a02f0b1c91a50afb4b8f1207ce6eb98522e1607c52ad7b3b6c127779ae07d9d4df103278e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2271.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2320.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.