Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d30a7ce8da...8.html

windows7-x64

3

d30a7ce8da...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 23:19 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d30a7ce8daf45a954b34285f833a3125_JaffaCakes118.html

  • Size

    3KB

  • MD5

    d30a7ce8daf45a954b34285f833a3125

  • SHA1

    67f601b5489c5608f03b38a3e7050cb2b2dd0e07

  • SHA256

    460ccecf2fc044c5826729c02e3d5141c584e936f84d7d23ff0f2e60613db070

  • SHA512

    42b13036bafe6aad9085fc200cdc465358517a50c664df83622d4766aa7516ee1da9fad2148cef474629c94298e43d83d30507e9cc2fe375e402a3afe47f175e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d30a7ce8daf45a954b34285f833a3125_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2420

Network

  • flag-us
    DNS
    iran-embassy.org.in
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    iran-embassy.org.in
    IN A
    Response
    iran-embassy.org.in
    IN A
    185.53.177.52
  • flag-de
    GET
    http://iran-embassy.org.in/fa/components/com_mailto/assets/close-x.png
    IEXPLORE.EXE
    Remote address:
    185.53.177.52:80
    Request
    GET /fa/components/com_mailto/assets/close-x.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: iran-embassy.org.in
    Connection: Keep-Alive
    Response
    HTTP/1.1 400 Bad Request
    Server: nginx
    Date: Sat, 07 Sep 2024 23:19:25 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Blocked: 11015.10
  • flag-us
    DNS
    c6.community.alice.it
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c6.community.alice.it
    IN A
    Response
    c6.community.alice.it
    IN CNAME
    c6.community.virgilio.it
  • 185.53.177.52:80
    iran-embassy.org.in
    IEXPLORE.EXE
    466 B
     124 B
     10
    3
  • 185.53.177.52:80
    http://iran-embassy.org.in/fa/components/com_mailto/assets/close-x.png
    http
    IEXPLORE.EXE
    862 B
     692 B
     12
    6

    HTTP Request

    GET http://iran-embassy.org.in/fa/components/com_mailto/assets/close-x.png

    HTTP Response

    400
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.8kB
     9
    12
  • 8.8.8.8:53
    iran-embassy.org.in
    dns
    IEXPLORE.EXE
    65 B
     81 B
     1
    1

    DNS Request

    iran-embassy.org.in

    DNS Response

    185.53.177.52

  • 8.8.8.8:53
    c6.community.alice.it
    dns
    IEXPLORE.EXE
    67 B
     172 B
     1
    1

    DNS Request

    c6.community.alice.it

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12e19869a9b478e7cca4ccb67b683bb6

    SHA1

    c8d2ad2c9cdeac83b76aa4bd8fe473ab88fed9c0

    SHA256

    b0d417358334a983ddd2a70a292f3c03e4a73afb87fc734fa1b540e6260120d0

    SHA512

    8ce32c0c712618ade8cff56a82ac5f70deaffd7ca8dd05304317a1bd3b7ac51d2ed963a72d56788dad74569565791e5c507094f013dfa9e1713fb427517e7193

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    304c422d16dfc73154fce1b1325263b7

    SHA1

    c548bb1284b6c50a63ecbeab889af1c01737c76d

    SHA256

    4e6e2b1dacc59b74c3e8ab8bdb3a3d3c297c392af5ea09bb1812bdb145ff1247

    SHA512

    3ac0d1992e97bdf28ae010363a26b511f696bd499c901ac2ca5b17b5949701cdfaba3012404088452c8015dc02982de7bbc4aae26575b1d4f080c081f4b8909e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e37c342996eadbbd37690671044c976d

    SHA1

    c94464b00fc88b3352b156a1bbbd408d77ce745c

    SHA256

    127f47ac232c62934b198879158036a304e4a0aa7f6cbe2ceecd5b9d8aed89d7

    SHA512

    6e8232476a13848bc8afaba33f6a3f7417802e17027a0b56299f6fcf1464bc8cc8d7c95f6c835bc3bd02b15604cee7131d926c321ce3d44d565953808e65e853

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e62b5dab14342ff3b22035a66f20fe06

    SHA1

    e89ebd21b63529e4038ca91430cad4037d891e38

    SHA256

    17907578f9fba1a76a6ed21e28d2882d9fff5eabc46bbe2353beb921d84eabec

    SHA512

    b55c6014158dd44504cf6afeda83c5c3c83b4414b2c5060bab765b1c0b6512bb0bfe484cf775c775adc4d7da782fdcfa92dc2b11f9ea8ab12b1d0e7ec2d6ab83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b410472b1e9268d27abf71e0081829a

    SHA1

    acf3fd9c25bfe2a4a7644edffa56984c45fc8293

    SHA256

    59d8c3ca2e3714dc437956875491da0e250a78d4d491d2261c1e4068f6555cf2

    SHA512

    7495fb0e08af53c4a9f6be81016b653e4fddf9cba3e8c8308f18b534526e48152ff77c6ac93e7d6a4ab8da2cb85a324e8692c68540d385cca86a96db06ff0ae7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    630c2cb7f586dc7e61569f47cde90830

    SHA1

    d45fe79e05fc6595d9232d2bed6e8d4a942836cf

    SHA256

    9f66d66c7c8fe9be1b77aa8e05f3c59a639a5c6d230b8d04e012a9bdb0c8965a

    SHA512

    55eb3c31bdba8b255bcc497ed73a7daca95581f5e9a9e290de6b2994415d8c7fcb20f64013ccf83bba7ade07fe1094fab981f80055f1d60f6e48cb71d963bb23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9073abff305176c3124efb5ce3a85951

    SHA1

    02d9caecd66ba139aa44b9dc0320a886daa06cc0

    SHA256

    a9d077df2e6399121b3958a9766af6f6e8e7398b1c8f62f820a85c67706226ec

    SHA512

    d0bb269374abed983de2881a053482c995b403543274bddcd9e53676dce71205eab65924dc543fc6263f74f86e64cbc8581f06f1043639b4d34121733c3866d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5ac0c0cb4aee07f69cb73c3815e6b5d

    SHA1

    366077c212a29893f1c61f65f52f3dd4c8a7b07a

    SHA256

    fd4467abe4bbcadd669759d3b4d775ca0c057121268e581915b1f56b019997a3

    SHA512

    69ccb6fa100b17cadf3f47520381bd177281989b769c55e2623e892e6e9b920ccca3690acc58eedeaafdd7be9e549bacd413213f186b439257e3a8e4ae126c2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    788576a767de23bea922856ddcadd5c2

    SHA1

    048a503e2c525e1b6e26605cb5c3afb6422d91cd

    SHA256

    2236f37b548bb8e3296bfb018eccd3e614134c82d1eea0d11ad913018c36c87c

    SHA512

    f492d1b64aa71076e1ca7ea3309a18a3240a9cf5bfc1aea9d1f9e05f58b35d3b5eb51bb2217147b1ec1e9b12fca0fff95cb4170d640a1c49a85f9a6199460ac9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fc8eb5560b21c7f41c965beb316d36b

    SHA1

    b83c810f0331030ea5d43304687108918655be58

    SHA256

    0bd89a39cb0f3a250190d1d268b197f8ccdff4fafb678714a3fcd4ebc0e3a776

    SHA512

    a71e6c5cc8f42aaa67b2751a07ee891383b983966618e4bb1727a2d61747ee0cde05494714d92e47bfec01b4f40338ea8e89b32c9818d32412422cc4057fb05f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c452c83568dbe1898e182ad2a370d319

    SHA1

    d57c7c22351e2288b2394aaba149caac8f109ab0

    SHA256

    01bbc55f8694278c7c6b9a5b4f0afd74be9c0e5e638f98b157af9a1b17f9160a

    SHA512

    3e7ecbabb30c0c40f6d576b791270d921687c9e3f0f2b493f2b53a6d68ac28923e913441694ddc7ef938eee49fd33ef6f7390e2b5f3fbdeabefd880360568d35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0d960b5d79039e04ba430a0d6a62ef2

    SHA1

    d5d289d2b3433178233724e56ff70958aeb4879c

    SHA256

    8b9c16867863c988e053f425ff21e424846264a584a45f448c47db6763d5e349

    SHA512

    89e1f836995dc1b04306b27a8bc583b990446490e0c7f61032ed38e52f680fa1a751c57a0867540b5fbaeb3ffcdbcad84d0273e98395f290ba1a5cd917cff740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52aaa1142285de01942591b81126d840

    SHA1

    70fee8f8f624b25fecf304b2afda7b05f88d7a48

    SHA256

    c2069ef33cdc6dce35f44c502fed9c6a63f6ebaef2583118e2b400cfb121220f

    SHA512

    13989723d24a48fd8e7249fe01843f5a2bc4af310733bba541165d00677691c43536547653b773e55b6c6395fefcd50a1066a77f84e0a0f991b1dec2b6852a05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d956ed39014953f72c61498999dbd760

    SHA1

    c7af513f48d6eb8fa63ee4e2d6aefa03a88d4fa2

    SHA256

    a9b9071fd07a2d924fffc0d85f3e85c9755bd75b96aaed5123b277c802ed6018

    SHA512

    eee8bc35f5e7b546a96622848542b03c70abd8b91f070049756b955f1cd42d99f46c059fb7be246b7bb2ef3e2e480ce5c842c7fa869031a12983b07f51a4ce06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbe5b5a4c6014e417ec25392f0d2aa20

    SHA1

    4a77f1ffdf1fb5f63251aeb032d3a72bf87f4bc8

    SHA256

    e894940db3902df08816171a1d37009fe6d0335895dacb2bb2f91cd9e680b9e0

    SHA512

    0b4a9e1d0f582d4c6cfcad3d36a162a11f2c3cdc6c6c046fcb73ddd2fce9b7d8a972bf488bae6a85c5ed51d816b60c4f173b57a2ff2d1d6e761a19b9d191974d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12cb72223176df36c8577e60a1d4882c

    SHA1

    e39a6634f64add981f52209a1de8d3684af0d558

    SHA256

    34d47af3ace98a7cbc8efcb968dbe05a5a66526a500d55b92f941e38675324c4

    SHA512

    f7339c6c7af85a4eb8f726940363efd6b417424b381c13ff266a5a71f5172190b35aeee8bc05f1c5b7d11e6787553304b13129ca2acdab432ab58e339db721e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70643e29f5d521ff044d2932703488eb

    SHA1

    447820c312501bb27e0b708ffbe66b48924ae682

    SHA256

    ae379da08e6934b2d1c4cab6fd3aefeba8111fb5cd02d46e7789737a6270b59c

    SHA512

    41af25b210631d92d3abc5b04e67438835eeaf4f385db6f482ec0ad5b2951e9b2b9ae20be20eaa65a0783e213fda713431a3b9dedade68f0792892781aa02111

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abd00f212d0717c1f212ab18b899d98d

    SHA1

    85e8874ecdac9c2470f8ddf5518b346a14a984ce

    SHA256

    5a7e1537c5cdfd1c1e8bee80efce7151177493633655c7dccc5b663f31727c21

    SHA512

    dc26284040fd30c112d5b97c5a1bbc749f6a4b7279502fa9a7bbfafdffaf7203281594fc424138c287b756678990a72b8c06c428a0c8571c465c1645b843e1e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9f3a45929368866f2e4a0aae585ee83

    SHA1

    0152656760c7952a80a6ae84cd0bc8ed90cbd502

    SHA256

    798e221e0cbf7bc0494baaf15139cce184f49638b4dcc13ca10b166b568d8117

    SHA512

    449b1f82361c168ecb06e51152b9b6c39b820e47bde6449c7fe7ef8ecf8d7c26ef9d1d87424e4b9848f7a279e4cfd789d8007ef28735b9005e4518fa875e745e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fc2b2076d05dc8608dc5b180ddece45

    SHA1

    7a49980d2f924fb79236976e1d98cca686fa747b

    SHA256

    538f53a9ad89b13cf508555f46a83279e296d60af67ff27c74b6073a16ee71d2

    SHA512

    5699318729a1d50f4b5e9fc159940e225efd901b8a9582d8bc6aa8ea931ead764dc0acc60f6c97fe1973fefbbf08275d8285113f17e9e56e1651e75a58219507

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bbd9855be8608692951fa550f7b74c

    SHA1

    665144e09ab5d794cf1327b1c1722d4c92a61bf0

    SHA256

    10fcd3c944742bc923d91ee7bbe2602161a663c8f80d680955d123eff536b0b0

    SHA512

    365199c5892136efe279374fe46c7899bd30392d6926226bd10a66e4fa677933b6eccd6546a4115ea6a89a06d0cdae7d89f04e9c10b1b95af2e5a3c77dde3704

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA103.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA173.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.