Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

76b97be61c...8.html

windows7-x64

3

76b97be61c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 02:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    76b97be61cccf15874499eaca5f7fc0a_JaffaCakes118.html

  • Size

    6KB

  • MD5

    76b97be61cccf15874499eaca5f7fc0a

  • SHA1

    f0e4f3ff36b5e1d1950a63d20f1c26f371b82625

  • SHA256

    1a14b18a481c57700730da54bff573c5e084a3289229df6aaf1fec3e03b66ad1

  • SHA512

    8575616531876ad76df2c625639a86c99b80dcf854c1c685088057a88b6f9ac2ccecf5571e48e8a7c541f6351eb7bce3a73c1f613eb5074896c3bdaac96e4106

  • SSDEEP

    96:uzVs+ux7VHILLY1k9o84d12ef7CSTU6ZcEZ7ru7f:csz7dIAYS/Jb76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\76b97be61cccf15874499eaca5f7fc0a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024

Network

  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
    Response
  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
    Response
  • flag-us
    DNS
    fc01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fc01.deviantart.net
    IN A
    Response
    fc01.deviantart.net
    IN A
    54.69.187.251
    fc01.deviantart.net
    IN A
    52.24.123.178
    fc01.deviantart.net
    IN A
    35.166.228.223
  • flag-us
    GET
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    IEXPLORE.EXE
    Remote address:
    54.69.187.251:80
    Request
    GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fc01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Tue, 30 Jul 2024 05:22:48 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Server: nginx
    Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • flag-us
    DNS
    orig01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    orig01.deviantart.net
    IN A
    Response
    orig01.deviantart.net
    IN A
    54.190.121.216
    orig01.deviantart.net
    IN A
    44.241.152.34
    orig01.deviantart.net
    IN A
    100.21.254.169
  • flag-us
    GET
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    IEXPLORE.EXE
    Remote address:
    54.190.121.216:80
    Request
    GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: orig01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 30 Jul 2024 05:22:48 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    Server: da-redirector/0.5.2
  • 54.69.187.251:80
    fc01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 54.69.187.251:80
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    http
    IEXPLORE.EXE
    606 B
     634 B
     6
    5

    HTTP Request

    GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

    HTTP Response

    301
  • 54.190.121.216:80
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    http
    IEXPLORE.EXE
    608 B
     387 B
     6
    5

    HTTP Request

    GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

    HTTP Response

    404
  • 54.190.121.216:80
    orig01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.8kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.8kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    analytics.hosting24.com
    dns
    IEXPLORE.EXE
    69 B
     124 B
     1
    1

    DNS Request

    analytics.hosting24.com

  • 8.8.8.8:53
    counters.gigya.com
    dns
    IEXPLORE.EXE
    64 B
     129 B
     1
    1

    DNS Request

    counters.gigya.com

  • 8.8.8.8:53
    fc01.deviantart.net
    dns
    IEXPLORE.EXE
    65 B
     113 B
     1
    1

    DNS Request

    fc01.deviantart.net

    DNS Response

    54.69.187.251
    52.24.123.178
    35.166.228.223

  • 8.8.8.8:53
    orig01.deviantart.net
    dns
    IEXPLORE.EXE
    67 B
     115 B
     1
    1

    DNS Request

    orig01.deviantart.net

    DNS Response

    54.190.121.216
    44.241.152.34
    100.21.254.169

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a793e89f2a1239dde33dd2d16235cbc4

    SHA1

    6cd36f2c4927d7eddceafe202fda92c978e0eafe

    SHA256

    3ec68b61296475805bb8c3a78fe4341a31b62eb481794a823ff3abb02d3308a8

    SHA512

    b508da74049eff69452912b35b1ddb406dd92cf2295b3ccbbc254b6037d2473a0dfad2a77c6211ecfd2c06c462d8507930dd2b9a02fd5631450f157f8aa1f3d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b72119fe5583d64b078ecf11e05bceb7

    SHA1

    8dab97480d86e2016b13206c2ced4c8ef797a14c

    SHA256

    23713ab14ba03647b21039bab7eca5a27fdf223290054dbda4c2147703114b05

    SHA512

    9112fad7502cea8c5371631477d011bde79d8d5c189363d826f8a2bc76cf58b343bc271c28ad222d05373ea5d621726d7de053352af16e4c9639f8aa1393c415

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29da2984bf0e23c5a5d7da5c1791e945

    SHA1

    8d51df02350912ba8ec15c798f03b407ebf82f10

    SHA256

    11ab5b5be5fa6ae16f8400843cee2ab18618ecc722d983736355d9af8e09bf65

    SHA512

    f0a552f866f31f1e9d01e6154187f680e46d7866aa8e930dcd24b07dc1f5b43fdc38864b0368a1842fe085a13a9fdd42d90173c428122911b2ebb1a36725093b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f27b31356530f02846e2f72f812d23c4

    SHA1

    29d02b1bfcc45e5c60bdca701a11835e84cb106f

    SHA256

    6c715052db6d582c81c374524b9dcb6352c892f317bfd581a8db6e9006740c4c

    SHA512

    d5de424ffa7599cb8a554fe5710532f36ab6c2bb4ea42bc767b5059470523cc505837767af639251b663034bc7bd60728372b36ce4dfae3e79a1d68c08559106

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99ab24cf1b68dcbb769fef0f3ecee6d0

    SHA1

    5070f22cdda54cd3945c35a0e3e0d3a4ccbae709

    SHA256

    b4696565d88db3341b175ac1fc8f4a4ef11fc6e7d78550bd52d42f6302f4f352

    SHA512

    d5ed186a1e9c87dfe1a38f56237372515874b293f8519ffa392dda47dadd322c66d986be42913e57a59ee5b17cc0b16b8d4ad35b70a9a144399cbbf030fdc368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de2dedd23ec8f1049ace7fb4314fba46

    SHA1

    4b2f388d2f509177f8f3ce5fbceab4222d37372b

    SHA256

    53cbd9934958739a3e9e4afe2e8c4b8a6e3753ce8e2ac1e75a2db4cdc6e74846

    SHA512

    d5acb4b06ff18a20ce1074dc26b68419e6cdf86728e5570101871621886ea9fa5ffbaea19ae648eca03aa86f349ba12a830f05ceb3a7cee71db5b4043cfdea85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01f9e807fb572f9ba439e25c60de13cb

    SHA1

    fa0292e82922a16c788acd14336a33e3a4ec87c2

    SHA256

    f9d9104dde5496c60b371f1e42c6710a6b9053d1ac6bc9ccb68060d68803b872

    SHA512

    74ef8b47a3848606895d916583640229b91ce95a91a8ae8f657be02371e755dcf2fefa691f58dd3d2aa90d4bb25438d42ad24dc8efb7b9c1bed5550ff59d5e3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    224b7da3bf7ac586bb630f436aa71d23

    SHA1

    6d341eba673a0d8a1d6792c9b20a057b6f5e7d27

    SHA256

    133c7981b89ce45933dcf1998eef5bf0f641ea72cc536e7b94657b2918290ac6

    SHA512

    3d1a4ff81feefc238023a21cc0ea291596e663da4bfab5d9bbb0f40c915ec4af5158d5bf40b5de5ccb9ab3c9c398efadd34cb5c8d96cf6e7b02f544369c8c31a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f77492a2e9b1ee8f75762e422ef98328

    SHA1

    eb4a88c3ac287be189f748a79d7cee196a9ccc28

    SHA256

    72373012a8f6d11b03b2f67a60830d5a6aa9c78b7d2b8aaed2e7c9c5be893fbe

    SHA512

    4d68dd128a97458f41c6379847feb66e2bb3c838ed88c1b5bdf16c9c8354bf99fc61601f86eb3a02e3ced3fbc34ec6851df22aad2a7bb33010afea3b495ea0ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    673e362a9a1d880b9ce1ac8bd1fbeb17

    SHA1

    1a3139cd5852792ca9fa8547247e027268c82e4b

    SHA256

    e02c3670c303a66ce10a35c64e463d598193cfe096b055efbc938e2c1a1d8ff4

    SHA512

    d1a1fa08cf373e0d5f6ad55a65e15a12d78e6eb23b35eba8f9b591d1b471dcb1ae341ec1eb6e7c61adbc92873a02ee5cb8ff5bcfc662efd84c3341c688150670

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    037cb4e585e979ba4ef4cc447e83a1e9

    SHA1

    9a75194aef9f4b07e7080080d232fcdbe5da4e52

    SHA256

    9cce673d6e1bdc5f9ba6a1ded4b67d64c91fbf0e93873a3ecc2357a1120e1dc0

    SHA512

    4353edc57ee724e371702b649db476164c47ce9cb0eb15f03595a42eb596a7782138c501b247ba796c1265e63d29eb560721089d08d28b603587da53050b6d90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b53bbafb577589ab52fca5ddd88cad55

    SHA1

    ea02897c3b1fecc98cc0b54113bde69d608a87e5

    SHA256

    4164bc4bee97546e0484279d6a124ce624dc1ad7e7ea7e32b53b1ef67395c609

    SHA512

    55380e339175a1d64f049669dac5f52998e76fc1ac33e496e931d2f54188ca23bf6a7355c60cc11160e0309c722af71415cb56a674821db16db88da875da62e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc48335c14e4397524713f660fc887dc

    SHA1

    d81470ea721080c6ac5cb15f9d51bec625aa49a0

    SHA256

    10f02f3ec6061e2220df770acc39b66b57c303e96e522dfa60771067fe1adf05

    SHA512

    77fa9255bd63b6016a10257468380a7c2dff61e0002f109efd9e8b0365e03b483d74a07f842775b763a40c7349f330f761674349cbc840ee90435e656f47e1ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d2992de732ebf61c9e3144edf4b9038

    SHA1

    acf5c7b64abe31d99c11e96fc2d2a9b90f61cc5f

    SHA256

    f3106a9df9d1c409917cb5493b8ad62629c7a26a9ec50569a6625b63ef993522

    SHA512

    19a484aa28f53fefb9ccc7b934b8f1c7f0926a3e39d7a1fd2e342646cc5813f750da0daa53ff96378db0816ad5bd0db9bf3d01fe25b26170f7de36df7149bfbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cff6742727726db9fa5d5ba7e1f2633a

    SHA1

    dfd8e732bdf6cf4e5801849d756a054b3403f4e4

    SHA256

    29bada73fcbab51978747b330e2427f6b1296f79064349cc95a2aff9871fb858

    SHA512

    18ee862235716981c6dbd7dbcfdf97d9c054af4ae7c2ac50a9126c7be5146dd60a50303dae3f1ec90d81135c5a691850c68ff0b4fdf4e844e89f74d6244b36c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e84b389c9f3c8d9542245d0a2d4b1059

    SHA1

    41b5c59f2ee76fb79fd54a769f4cb30a08f949ee

    SHA256

    727658f7feb72f4101ef6a6b1a5de7067e1c5023daa8da8b21996d02a948e02f

    SHA512

    24307104755216211e03e56b53a801828d22d08c0d9845434ea3cec46b0854a48dd72654bb19e78c30e000265a533f2d29d6743957d667ef3c79143bb1231b84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69561a3ff19eb88fc96ab727e0296521

    SHA1

    6c092c2127fadb3b6f5081efdbae7111b555a507

    SHA256

    c33f14a5719d646591f556d74cfac9735f63bdbf5ee160575f347f3d37f02195

    SHA512

    cd3595b11d40311b92c81bd0d8187e9972f15cf4eaf8258fabe872578407cd30d3181aaadf1ab77b8ebc3cdfc52b489809380c543f6caec6fb873b97fdda3b51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd00e0fcc56a14bfbe6754cb2d5ac61f

    SHA1

    33e4c67bac114477f1aa114213f1c2b8db8623ef

    SHA256

    c85e4a76c5ed06b6d57e36ec638600cf88ce3c0ca10c301afe847a70b97f5382

    SHA512

    d0e4097e0a63d0ec59c325dd4d0ffe2aa48759105bb2f46fc87c5f992e8aa72d7e71039d0b43cd68cb23fad03811ef7a157791cb345c9ccac15afc6ebd52de11

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E0B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3ECB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.