Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

95c1d50797...8.html

windows7-x64

3

95c1d50797...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 10:41 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95c1d50797548311bd25526bd4f8bb59_JaffaCakes118.html

  • Size

    89KB

  • MD5

    95c1d50797548311bd25526bd4f8bb59

  • SHA1

    db03e778616eb97947508589bec478de96c9b7d5

  • SHA256

    9fb30f7275a447dc703cc4115de9e2291c716c2f54d4fb0e6915ab004aac0bc8

  • SHA512

    37c368f15a63f29e2876ad52b5a4061f1dbda7578207a00757051863cdafc923530bc1c4774b30c090db0606f0ff91920c5da8786d4e107d9a304a19d5ebc280

  • SSDEEP

    384:7X0lV7DFkp4NEmUeVF0siupghrmbIOZzjni7NPpqOyBN9xhBwNNZwABrGByjx9j6:7CV7DF24umUMFtiupg7jQl

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\95c1d50797548311bd25526bd4f8bb59_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2316 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2492

Network

  • flag-us
    DNS
    alpost.com.tr
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    alpost.com.tr
    IN A
    Response
  • flag-us
    DNS
    www.alpost.com.tr
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.alpost.com.tr
    IN A
    Response
  • flag-us
    DNS
    jino.ji.funpic.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jino.ji.funpic.org
    IN A
    Response
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    alpost.com.tr
    dns
    IEXPLORE.EXE
    59 B
     115 B
     1
    1

    DNS Request

    alpost.com.tr

  • 8.8.8.8:53
    www.alpost.com.tr
    dns
    IEXPLORE.EXE
    63 B
     119 B
     1
    1

    DNS Request

    www.alpost.com.tr

  • 8.8.8.8:53
    jino.ji.funpic.org
    dns
    IEXPLORE.EXE
    64 B
     129 B
     1
    1

    DNS Request

    jino.ji.funpic.org

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    946dc5037942547c06fee5a9a9318d62

    SHA1

    c163eb28492d32f06b9182b7199af430db81b581

    SHA256

    2fe15224f721ca4f79b9bf439ba7e27b071b2dda047a6847ea70aa1a14bc4b63

    SHA512

    91641e7b8b30911008029fdb2ba20189ea7f34f78a875a76c33f326614d73f5461f554b1ba637ccfba6412ef8e551f167d02bb02507b778cafd983ebdebe012e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a59937efa24b6bde19c9279560818ad

    SHA1

    4b9c7ad28b1d5e07f3814da9f8487f1e3e06b601

    SHA256

    7a732e3a5284dfc608c53d39de8446eaeaa21de504f9ae786f7a29200cb94476

    SHA512

    7c53286881dd5fea5d1360cc9cddbe753fe852c3f9777ca6a0859e592d85d31bce7c439f573a2a4e6b924b96934b305e9604bd3a99949b479262050f544dbac6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0da7e99fdfc097a48b8817ac87473c2

    SHA1

    a1f99e087f6dd57d5b2345cc56939c53c4f01a85

    SHA256

    f619af80259586b5770bc03595fd75cee77c4b972758920379072de3ad0c8f0d

    SHA512

    aad706f14c2068917a88199888df50f72f88a48a5a1eb2d19e651dda244fdd74895f220bed6cd93d61b852bc9d8339953cd7c4d580556d5216d73c118ad4aa26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6d8796393b521d163df6b9c4ef5667f

    SHA1

    ae4ca1c50beed6c6933dcb5beb03358611f0ad2d

    SHA256

    6f470c47d16d925335c131c52f401eb085a1f8ab5b67510c20251583fcd08604

    SHA512

    a959c8a498968a38beaeda2704359d8c2b552e800ab4b3ca3f621d1d84b06f2d6f216bfdd826045f3fd8175625ab288349afefed5fa7f718289186c90365c8ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a59af7f94be584530073aba99bb4539

    SHA1

    2ca5327b4f928de4fcf1afbd64f513ccc4d42ea7

    SHA256

    dccfa1bab9b9e2d8dbd19522c62f984cb3f5d0d2f21cdbfad589ea146cc77cb0

    SHA512

    21ba5e183b6cc58239ddd929ede619d8e0434c915999612fef5e209155953c4e93c16f8a8292475b539019d183e14ede410b6e4db76c14082fd109a66e42700a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d6891bb744fa343a021161fec4e926d

    SHA1

    db42459d42ac065c02f743b9311b3f5f3ca23c5e

    SHA256

    4eb56867dc76dff11cb9e59409c54cc62096bccde137aeb19ee86e53140f8305

    SHA512

    90acc2894b68a082db354202f6c653916489ce98295b1e59547052be61731dbbb47a3b05d2c41a6b14044291af367d1eec2d4f9263e55c3df149b99534261eac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c206e7a259ed75ddcfb0f8411702b25

    SHA1

    0e535d0061a73c9011f95559a064245c89abcd35

    SHA256

    e5feb6bf5bfb0b818a33dc6fa82ea74ff428d04605733017b924f95959a13e96

    SHA512

    bedc198ff6e4b6b347d37170ae11c2a77e3bc7a5388c488fa41da49a8a59cc9b2a27eedfab12c7c2912a0ef1b6d2d484309a6e8f2bf87c5db8f7d1a9c9938596

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64bcd1d26809f200271ca50581067f80

    SHA1

    d276e9044d388061cafb9ba84a6ace1a6d06f7c0

    SHA256

    557d051f612e310bcecfb7b3abb3eb285c8dd614bffc997b8b712af57d8c0ed6

    SHA512

    52b7cdc7eeff06000e0902719b02f6cabe49eb6add6ea7e956d1e173980b85f9402201d51b592bf184b04311bd2cc47427b608cd7674da8d8cdbfb4f64a9497c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    128693c4506cc2b67f0e22b30d3ef239

    SHA1

    b3dc75db2f215907e739ac73936a291926d43ad3

    SHA256

    f1d364544dcc3888d1bb9444fa566dfffd801af3ea6fb355554b7bf9c71fa39f

    SHA512

    0cd0850adfe786c5b4a99107dea541be83304210f59ded9e00936bb5f28b3edfd83ad549635f151b5b8439c4cd458fec5ae554d60eadee30662038e64e55e20c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70840b5164f129a1d68853463ff9a00b

    SHA1

    fd438ad080509851bc62ff8aab16bf2f636bd679

    SHA256

    dec21cd9cfa3d69203fe554a7cfce7db99e641c8970c05541a97a16d90c5d3d0

    SHA512

    2b87ecd7e46a4cc767c0bb629f389f032471e5d234cdad10a4af5e2b8b4d1d7dd68b4a3010404e6ea9d2a0773a0872f5d381388cff353e0e3bc2c6b8ad7f0aa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47a2bae47bfe67927ecbe30c6a6a5fb3

    SHA1

    fccf98aa4a865f2d579195dc21e450a07b1c7af5

    SHA256

    3c9c505a10fd845a70bb984f5774c4fa2971c4c50ef3fca4f96e898c8e5b4466

    SHA512

    be157b2fbab3a413feb21f2fb582beb57d4ec208d768b5d5fda2ce925ce47a48ad9aee7cece728050fb4c04b0e319b1b97142b0a28faa1771826661d41471464

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2c858e61f401527981db5227ef8d944

    SHA1

    340366d3b31fa41e415733de900e6e6b9a684a95

    SHA256

    2b56a9e7c0082d5ac9cb303e7f20571b5b2d49bab28882e239b6fdf54dd2f82b

    SHA512

    b3b065a9c27ce1c631b3f9a8134ac87797d098eaca54c485600f3916fc78152cf1d33601ef870a2f7ef0bad72772cf392ef6001f3581fe9b6dd7505448cda1b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51e043bd38309d0c64e3e03a1ab70deb

    SHA1

    ad3c1eb60c6be43295eb90539df9aa509a7085ae

    SHA256

    314b63cc09a2893e15a0fb9073673912767e437c4b96d4aa9b5cd27989dcea51

    SHA512

    40e1ab996325628f84bef99f8748f5ed74cfc3fb754018350df13319c3736a0f6999f33db57c611a4b134a7e0051f18bb61f51b740948804741c0a4bfee6f2f8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6115.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar71BD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.