Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/07/2024, 22:37 UTC

General

  • Target

    5df7947ce716cbd2aed40bbde58ac6c8_JaffaCakes118.html

  • Size

    7KB

  • MD5

    5df7947ce716cbd2aed40bbde58ac6c8

  • SHA1

    d0bafbedf0f961a102c881a1c2157357e8b09219

  • SHA256

    d2c43912a7ac4b5222cb1350825d856e850bf95d2e5ad8f46d1f5fa7fefe240a

  • SHA512

    0e9026ee4a92c07890b48c8a852a90ee2e0bd067e60537725c19b7aa42350feea497029257c0dee92e2c4f88c7d7416d236029068dbb13a70344265d56dda8dd

  • SSDEEP

    96:uzVs+ux7E4LLY1k9o84d12ef7CSTUTzf0b9qQ/s6fcEZ7ru7f:csz7E4AYS/ltb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5df7947ce716cbd2aed40bbde58ac6c8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2456

Network

  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
    Response
  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
    Response
  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
  • flag-us
    DNS
    fc01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fc01.deviantart.net
    IN A
    Response
    fc01.deviantart.net
    IN A
    35.167.78.243
    fc01.deviantart.net
    IN A
    52.42.208.254
    fc01.deviantart.net
    IN A
    34.210.28.49
  • flag-us
    GET
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    IEXPLORE.EXE
    Remote address:
    35.167.78.243:80
    Request
    GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fc01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Fri, 19 Jul 2024 22:37:44 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Server: nginx
    Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • flag-us
    DNS
    orig01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    orig01.deviantart.net
    IN A
    Response
    orig01.deviantart.net
    IN A
    44.227.131.187
    orig01.deviantart.net
    IN A
    35.165.234.29
    orig01.deviantart.net
    IN A
    35.82.205.34
  • flag-us
    GET
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    IEXPLORE.EXE
    Remote address:
    44.227.131.187:80
    Request
    GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: orig01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Fri, 19 Jul 2024 22:37:44 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    Server: da-redirector/0.5.2
  • 35.167.78.243:80
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    http
    IEXPLORE.EXE
    606 B
    634 B
    6
    5

    HTTP Request

    GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

    HTTP Response

    301
  • 35.167.78.243:80
    fc01.deviantart.net
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 44.227.131.187:80
    orig01.deviantart.net
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 44.227.131.187:80
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    http
    IEXPLORE.EXE
    608 B
    387 B
    6
    5

    HTTP Request

    GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

    HTTP Response

    404
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.7kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.7kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
    7.8kB
    10
    13
  • 8.8.8.8:53
    counters.gigya.com
    dns
    IEXPLORE.EXE
    128 B
    148 B
    2
    1

    DNS Request

    counters.gigya.com

    DNS Request

    counters.gigya.com

  • 8.8.8.8:53
    analytics.hosting24.com
    dns
    IEXPLORE.EXE
    138 B
    124 B
    2
    1

    DNS Request

    analytics.hosting24.com

    DNS Request

    analytics.hosting24.com

  • 8.8.8.8:53
    fc01.deviantart.net
    dns
    IEXPLORE.EXE
    65 B
    113 B
    1
    1

    DNS Request

    fc01.deviantart.net

    DNS Response

    35.167.78.243
    52.42.208.254
    34.210.28.49

  • 8.8.8.8:53
    orig01.deviantart.net
    dns
    IEXPLORE.EXE
    67 B
    115 B
    1
    1

    DNS Request

    orig01.deviantart.net

    DNS Response

    44.227.131.187
    35.165.234.29
    35.82.205.34

MITRE ATT&CK Enterprise v15

Downloads
