Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

3135545d6c...8.html

windows7-x64

1

3135545d6c...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/07/2024, 16:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3135545d6ccbc9ebab301906e1125a14_JaffaCakes118.html

  • Size

    57KB

  • MD5

    3135545d6ccbc9ebab301906e1125a14

  • SHA1

    548b9385fafd10eef231b9503154b8de4c77a947

  • SHA256

    d09b38c1d695dda44ac4edfc65b97856e7eb949ae5f2ec4eeed3eb35139f8c56

  • SHA512

    e6fd8dfa3ae50aab0adcf906ae84e2e8cf1d4348d9653f73e84e15d8f7f67a5d39f693603e9410c825298cbbf0f049467d0f0c37d2497ba736f07d8d3be6427c

  • SSDEEP

    384:OB0lYEp2Lb2Ox1L4GRgy6I5bquLpGnV6PajkpiW6oRLoF8oPqomIigxModR/VZab:qhpjxpZrXzew

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3135545d6ccbc9ebab301906e1125a14_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2412

Network

  • flag-us
    DNS
    www.birki77.de
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.birki77.de
    IN A
    Response
    www.birki77.de
    IN CNAME
    birki77.de
    birki77.de
    IN A
    81.169.145.78
  • flag-de
    GET
    http://www.birki77.de/8x2l3fkt.php?id=1505495
    IEXPLORE.EXE
    Remote address:
    81.169.145.78:80
    Request
    GET /8x2l3fkt.php?id=1505495 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.birki77.de
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 09 Jul 2024 18:04:47 GMT
    Server: Apache/2.4.59 (Unix)
    X-Powered-By: PHP/8.0.30
    Expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: no-cache, must-revalidate, max-age=0
    Link: <http://www.reisemicha.de/wp-json/>; rel="https://api.w.org/"
    Vary: User-Agent
    Content-Type: text/html; charset=UTF-8
    Keep-Alive: timeout=3, max=100
    Connection: Keep-Alive
    Transfer-Encoding: chunked
  • 81.169.145.78:80
    http://www.birki77.de/8x2l3fkt.php?id=1505495
    http
    IEXPLORE.EXE
    958 B
     15.3kB
     15
    15

    HTTP Request

    GET http://www.birki77.de/8x2l3fkt.php?id=1505495

    HTTP Response

    404
  • 81.169.145.78:80
    www.birki77.de
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    www.birki77.de
    dns
    IEXPLORE.EXE
    60 B
     90 B
     1
    1

    DNS Request

    www.birki77.de

    DNS Response

    81.169.145.78

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f74dd32cd8b407d3e579cff544043f9

    SHA1

    a3a932886c74a752b2e8d9777dc06c7f606aa331

    SHA256

    3b46bb88a4d8e914b0bf688c7950cced5f8845a2bec28927f02dbd686c9fc89e

    SHA512

    1218becb2ac383e06dce02550e713d688cf770f484cc07e92ad1f9ebb5fe33e19e586674bde3c3f29f4b43a3c6ca9cb66fb2ae70613b9e263e8e819b93354448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cdef11c37cb7fd521a6b32d8263260b

    SHA1

    9d99190293de4ce1d566ab7925d4ef828a346ae1

    SHA256

    2697d95fa1037abd48373df32bf86a98f79acf3ae6d581768b338e3c6c7c13b1

    SHA512

    65d30927fc65abad9af3d7f9d07fdd2d80e564a89f6b20342a477c6bec084743f6c1becd429a2608f4cf90673841ae2e17b83782aab8add0cf862b8930d42872

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a263bb23e9d43fd1e611b1bbc28f3a24

    SHA1

    64bc017ceb2f00269a56d68e5d7da6edcd2ab7cf

    SHA256

    f8dc15f350a587c3269dc961eeb31da125090e05476874772dc86168af7781fe

    SHA512

    70f38e9e36f2e883d3bfabf4a48d1d45eaaa3f53ff70f9466502e279aefa957c774bed347af2d9ff8ff7bf59d07a10a01d2708a2028d0f4011dfd2ba3971ddff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5ac5cb0ac4e6f79f36fb774a35ca91d

    SHA1

    15e2eea73e212e3bfd62d02f025ed0acdceba0f5

    SHA256

    0aedf812eb884726b5948dafc4917910904cb41b1216979efb61eb2784e922ac

    SHA512

    3c5bc854e0c4d1180f9f1d7a809b4802132a906843d6900f7526f200b95cdb19d384215312ba46f095cf1fcdc1a87d5c85975bf1bb0440b409bab966af3b9304

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06ecf87ad94bc316c65fb893d0841ac2

    SHA1

    83526b2428adbc07cf453980761c7044327498c7

    SHA256

    b18c70ac8bdc96a41ec39e827f8ca14f31202fcd5d4825323c74bc7a2ac46a7e

    SHA512

    6812db552d76ff1066cf47bf0818c39aac19b43fbb596f57f3a19b850b8163e2e52838d5a036d12391d2a92bba46029aea233e9c30bd6582a69d0294811cb042

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c34dbb2c7b0415e599f29a7d48c8b29

    SHA1

    f99782e88634c6e46835fcdcbee9154496affe53

    SHA256

    6b489f14fcc581a45279e835760e3f967a06524863394712a38d302002009934

    SHA512

    f712c59701a3fec8b6471b0aba5e286e541ea57719db45ed7a67e3187eca024e3b5da2ed4b6be941d808dcd7773621652ecd34d7b721d80950f85fab8300fd35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1fb91fd9f0c620b3618c85f212e8c6b

    SHA1

    3718e9595f5a86a5779ef8681721bfd15f1c3ef5

    SHA256

    48d9bc7c5e9020b3776b800baa56bf7e003428a0a7eb087411e97d30db0622a8

    SHA512

    3e94f3459b0ae8919167df3336ff77a4506b1ecc78e90a35e2e13bc4ebf6f0644314719814eefdd6e47a2a8297f6c5bc2b85a86fb425113cd3c2cc72775e26d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    432ce05f268fc393539e160b7ba059b6

    SHA1

    bd260d4dbd4b301dc8f7b32e1bf9242600446004

    SHA256

    d5a647e6e8a7c0a4da94c01b6d87e8ee85b67f877877638b2bf51d98f1caa530

    SHA512

    ba08c64dede0eaf340334f4a7370610f6561cc131ec1585810de8e4b8b85b51e50738cf525991fe813a49cd29e49370652c0935fa9925d61d4a5d22d129028f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9903e945fa4d8249c4d25409170d5d0b

    SHA1

    58df9a68e409c52cdfb12a47adff9706fbe8ce76

    SHA256

    404b3549c95f70f7dfcc5539f61980e092cbfc8384be83021df38ce4539d0bc6

    SHA512

    f80ade095c334cdd08654d9aa11dc96291b1f6c022fdf64794b98f4be8e899e8574741c99e01e76766fcb059da9f4281f93c7b3ad22f951144b5ce0298ef3856

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb3e667f70ee33b0c30e2778648dfe0d

    SHA1

    52469ae7344d239e986b45cdf476eea63c7906fe

    SHA256

    6d3bbf66bdef27fb832fd6272ff37fb58034a5bf443b730cd6ed4a2c002ac859

    SHA512

    fef36dcd771e7890c80fcc63e8e95bdca9f025ec73747244f296bd92afb41e84b7affe9d17bb18c7c75f440c9a781f0a9aa018084e8b050c498698e77bc7d32c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed0449eeec4c30ce51ba7a54106b048c

    SHA1

    f021f995ce792d2b33eeea962e1f762cfe3899a9

    SHA256

    3c5d034c70c2ac66e0aaa935461d9d2676db61a413ed0f8aca2ad3dddc900c7d

    SHA512

    c8d97cf4cc6d70e61e88fd41910c80c175fb301a3dc3beb182898f61fdb4d9e89799a512c25ad7dd7b556d043035bcf31f142643125d22e1d87a5316ac8d99b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f2b2713366018f27a76cc5324729b97

    SHA1

    2604781f24db2394374637b16c4247eb805c6ef9

    SHA256

    6fbb4fdbf82393f2c7c0a3925826d64bc905e60e918575ce9ce1fdeba4440e4f

    SHA512

    ffc81bc8fce86afbee69b07756e00fc8cf90e6dfd384b4de00ec626404f03fbdd721579de60798934400e82c186303c02a3a940efc88b1fe1ffb46b9c405c842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    861807aadd6c8ae10142c5694ddafb5c

    SHA1

    98a1ee0f01fb2794219daf58949f011e4004ab4b

    SHA256

    89c83be1c71351faae1d492ce615778d43ed7b18daa3a5fa1498957197c057b5

    SHA512

    3dfa5a6647ddb0139895532686a5ba6c4f73df3c9d26c7c4a64dfee88ad9b69819e0b031e9c76855e1a4218a8ba7fa75ffcf821c20c5ea03a6b2265fde31c8f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bae1ae633545c753c55142797b525971

    SHA1

    220feb3928af424f0116f4b8df6ddbdb16d7de0d

    SHA256

    a2fdedfc52e500933297bc45067e5b7b2257fa9b07ba1a77c8d77dbdf5993386

    SHA512

    05f4c045fbe6d07f3f3a54a81323c89fab0e87e973819131e48a1583983df0fcddfc7a233307909a44d741acb6d53a304343c27f106a2e2393bd1b2a48e34b55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d678b9da014a2e98620763d59d0cd5f

    SHA1

    ec428cb97f0c72a4f734316c92375d4cc278e43d

    SHA256

    80398742f033bb71157e1d759d67f6c7058d10835852298c4078d32223f8e91d

    SHA512

    1eda9ba3ae51a27ec0e6f6b38163131fdd3b6c693e256ef0cd3407e159039d17c53dd4ecf55e6041f2925fe8d0636b6c67e3d34d63dbcfa373a0ccc6700a78a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    081428bfa53bccf22d1d30e769b97fa6

    SHA1

    61864d82d9db2378819260bb084cc5065a9244e1

    SHA256

    2fb3adc9316b225ff01bd76496845518da9df3353918b99f8cfc2d2a77e636a9

    SHA512

    6d3b48e691107ddea0089cf4a3d32e6b26fbacb460bdcaaa85a12862e750123c423600e0dca75749ce8e02b75368e353add49db7fdc74c366cd5bf0bf4d1faef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2311ea8489a2d453f1d5996b89ccf4d0

    SHA1

    8fc945a3e2f28036c727377234c4d9b1150b71dd

    SHA256

    0bd08b3943331ceb1761d12671beca5ccd5ddea9ab93c3e39294b55b14380fb1

    SHA512

    b859f273e62a13d50612830c3ec5b6bfa6885bb0187d1f0dd4173e2b8c2876897d7f049744477ec78ae850635097690b6a6adfc307ff0ef168685a73776dd872

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f72ba5458ecea99808e959a97119b3e

    SHA1

    34148ed94af38e963177cb998e899a7a98d5dfb5

    SHA256

    559bf22ca5eeb138485ed85fbe1679e3b304c6b5680a0e0d94542451d05cb536

    SHA512

    a8dc41ecc5c33df6056555bba6e42a9210500ca3a66407c52b3e52962b158b7a0167280b43ec468b1c0aa0a0d58a8a0a19fbcdd586acec18a8ba967d854d7325

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2075205ba3f04c99069b0d0c9d9b68ed

    SHA1

    2b2a9fcf9163cf43f9dfcf5dfa5aacb4ff0484be

    SHA256

    cbe3d32fe741813a4ba70de4e6d049ac21d74dc32c07262222c71d1a075ec15d

    SHA512

    f2b7ad3cca0d211e00ba84bc5c3f4233e4691cb5716b8bc60a2ad790554e87cf524ddbcf537433a8e3e32f93bdaf41aa2076051e3a84cd63025bc41a29779d52

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB9B1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBA60.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.