Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d46c318ee7...8.html

windows7-x64

3

d46c318ee7...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 13:03 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d46c318ee7a74f5ed86cd3089357909b_JaffaCakes118.html

  • Size

    6KB

  • MD5

    d46c318ee7a74f5ed86cd3089357909b

  • SHA1

    d62603c6cb1541bfe87f61a0a2b6ec1aaa2f29e8

  • SHA256

    d80127cd25b26a0c999afb597c654d032ef609b410c14b284d81a0f1396cc687

  • SHA512

    e34c201ba0107b6700c06523e28af5e2baa4223ead142d3d8e4e260e1f1bf7599ff0416f3b78ffdd86f039c1dd4b2192d67e15e117b34a2158f983d9800a1d6e

  • SSDEEP

    96:uzVs+ux77rXLLY1k9o84d12ef7CSTUVZcEZ7ru7f:csz77DAYS/Yb76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d46c318ee7a74f5ed86cd3089357909b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1884 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
    Response
  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
    Response
  • flag-us
    DNS
    fc01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fc01.deviantart.net
    IN A
    Response
    fc01.deviantart.net
    IN A
    35.161.113.48
    fc01.deviantart.net
    IN A
    44.227.102.55
    fc01.deviantart.net
    IN A
    54.244.34.219
  • flag-us
    GET
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    IEXPLORE.EXE
    Remote address:
    35.161.113.48:80
    Request
    GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fc01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 08 Sep 2024 13:03:25 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Server: nginx
    Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • flag-us
    DNS
    orig01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    orig01.deviantart.net
    IN A
    Response
    orig01.deviantart.net
    IN A
    34.223.191.196
    orig01.deviantart.net
    IN A
    52.43.245.220
    orig01.deviantart.net
    IN A
    54.191.87.204
  • flag-us
    GET
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    IEXPLORE.EXE
    Remote address:
    34.223.191.196:80
    Request
    GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: orig01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sun, 08 Sep 2024 13:03:26 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    Server: da-redirector/0.5.2
  • 35.161.113.48:80
    fc01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 35.161.113.48:80
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    http
    IEXPLORE.EXE
    606 B
     634 B
     6
    5

    HTTP Request

    GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

    HTTP Response

    301
  • 34.223.191.196:80
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    http
    IEXPLORE.EXE
    608 B
     387 B
     6
    5

    HTTP Request

    GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

    HTTP Response

    404
  • 34.223.191.196:80
    orig01.deviantart.net
    IEXPLORE.EXE
    236 B
     172 B
     5
    4
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
     7.9kB
     10
    13
  • 8.8.8.8:53
    counters.gigya.com
    dns
    IEXPLORE.EXE
    64 B
     148 B
     1
    1

    DNS Request

    counters.gigya.com

  • 8.8.8.8:53
    analytics.hosting24.com
    dns
    IEXPLORE.EXE
    69 B
     124 B
     1
    1

    DNS Request

    analytics.hosting24.com

  • 8.8.8.8:53
    fc01.deviantart.net
    dns
    IEXPLORE.EXE
    65 B
     113 B
     1
    1

    DNS Request

    fc01.deviantart.net

    DNS Response

    35.161.113.48
    44.227.102.55
    54.244.34.219

  • 8.8.8.8:53
    orig01.deviantart.net
    dns
    IEXPLORE.EXE
    67 B
     115 B
     1
    1

    DNS Request

    orig01.deviantart.net

    DNS Response

    34.223.191.196
    52.43.245.220
    54.191.87.204

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3906d0922539f20dccb364605c26945

    SHA1

    ea9e55e3f58508d69a3c97b9f9877d34a67fbd17

    SHA256

    3c62aab8a304fae40c0581daad52db1758f5ce21491368ce2c8a68521de1ec46

    SHA512

    e9c0ff74af213d765909e78bca6cf59f0936a7a9c83bd1931d665ad5abb6756dfee74f57ae91b164c44d1035979136bfdd0e8426db94683856bf5a7fb8d17dcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d52ea3f122f394a30d83498738e7ac79

    SHA1

    0d8928a2b7448f4ce2c675ea2aa6691b7f80b76f

    SHA256

    1fa121613ea1a959c358d0180abc0786def3c5f5dd141f7baf39da0fe716129d

    SHA512

    5b8429c590326487db911806b6a94b7c5450fc3c728dae88a4cfdfa191a2794e1cf5066c3dbb67c402d1717e16d693ee09ba3a259f57177daa2dbb2a3c519ce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e8dba39d4ff121ea1c38e2f50393015

    SHA1

    eee46c63118d2c007f202967fba8b62fa9f5a2d0

    SHA256

    b689d282e73e111429df7a2fd2d9a52c95471adfc922cbb00d2b868a7666d900

    SHA512

    1cbdfc8d1e8acf1324e2f5d204b611a108eb4b030624ff1382835a10024c099a1011b1be4f7213ed7b6eda8b703c3d50aed1728d1c247aede351e0738abcd0e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b47217853bafe2235695a457016ad05b

    SHA1

    78f7fc4bd6d1e3e5058cf954622d528a938536fb

    SHA256

    e6ea9ce6097bb6b20c27dfe6445936019a22dfa03615d3618351c8b61fa5c761

    SHA512

    c92cfdb2a9e26c7ef057a2ebfc39ea5af45abf05314edf851f14d03ec98d99c429cb8c254dd1ed1dc9b4e10169c3f4f82613c1d06eb2526b0f4e265344f333f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57f6c403c88ff2095411e1992dc38d74

    SHA1

    64802ebab9f88e0c060f9bb5b1586241c5e8365a

    SHA256

    d81d7f5085c4ba8042ce53e870b74b2bce913abcf9553b6da745d6842fbdec89

    SHA512

    b37add7cda5103dd0becef4fb2997b562a552259f08e05c94db977512949914b9f803c758cc901dea2b3e12693df516f7ab033ba5b41d2dd7fd7f9bbd9abbb3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd2a674193d7aa05ad7579b68ac25c7e

    SHA1

    c295fca7387045fc4dfa2a25f17005ef3f8b7ac9

    SHA256

    8383374873359a530608b83b02468d9aba7db540d0317667ef7ec57ea5e233d6

    SHA512

    b46819854bdb4e2f34010b2f4d53bb1bef95606d227e2e11af5023bde97cc5be3ce5b0557de9d890684c165436245858757ab1fae14b6b26e79ce0f01b2ae482

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e2835a033f1ce388f90eea073e2eb50

    SHA1

    0eacba04f7e4971654fd3ad684b1c6403d1e4d78

    SHA256

    6f0092a599462720048e2470979a95f1a69c291077f587751a132e864e81a77e

    SHA512

    1a86aa68402e1c8bf3683c3858e792ed35dccf7c26b5206425197f2fb45ef67163116b0902fd0a7570af0f828c918c89d80282e7989853f1c4c04b4c9537cc85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1108f5b0bfd50f459aba91cc46d8279

    SHA1

    0c11103744f9d3713d3b5b7a4ee974ee6216987b

    SHA256

    71ae31f13ccd62a645eabccf8b532b358555707e80c456a268ac20f6533a02ac

    SHA512

    3cb18c888bb297832ce675395f4b2264198dee961ca891e57ab0e947268098dbab3eec091c48187d930785889659f8d45eb69b900d58a1011d6e928eb3dd41f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d8942070c353c503cbd4fb4094fa502

    SHA1

    dea4037f9b1fec97be1441149219cf2f0c1653a0

    SHA256

    5ddf67d0afa69f13e27b1f8800abb4f3b8a156a0a5596200113be57b5000568f

    SHA512

    06a077ab3b8de26933f8dfafdfa84acf7301120b6acd1c02481ad4f9d507bee5ea3354c68f450b46b2e4139d5121873811c10a1004294b27651173fdd7a3a6c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb6eed45a8e1e8ab29925f46619210fb

    SHA1

    61483be3ff7bf9c7e27689ae56c44206620bfab2

    SHA256

    7c6347cee39b8b396378c3fa48a450ca9c8e279a78fc96b1fa0553d3e37cfbab

    SHA512

    2385456f13a5245a06d84dcbc54eff436b0b5ec46fd579f5349c221cfc96f7c89291623b1bec473cc03f7499c154a5e23242f1f22ed04973e09dddac57743156

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa0029ba38faea388567c3f03836bbb8

    SHA1

    3ff5061606d8a6abdfb6c65ddfe3906cfad499c8

    SHA256

    b976e1e99d87721be8e8b35e5e08e9a4cb383ca5a76ca5f60dbec1632e751bfb

    SHA512

    39ca866162dd5e246c8481b8159fdd4c9243de4ba31bf9b6d5ed38386e5b7b6248c1aca7c0c6c62b2b18611f4a5457e5604541effa549bb7b0c84b9ea9ef1456

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb5bffca1b7cbbe8a26acb6e13daf1fa

    SHA1

    81ea614f18144531325d2bfb856bf8adeaa472b9

    SHA256

    870e813ee82b9b2b21bb03d425d19c97e915536528ae9704e9e83be039303777

    SHA512

    7ad0bea3eafd3f1b0d5c137ed4752b0af6e42670a6393604195ae4c21d3e2bdfb637a4184646c544ff286d913763344e84263cf17cccf489143dc468d3053737

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    204c102c551a0b7b5e693b3eecf51798

    SHA1

    637ad713c6bc079c78da7efef6171d564d58107e

    SHA256

    7abbe364036764b96040d65449ffa01123beaaf1b6be471015548c009c86aeb2

    SHA512

    ec0775bf8429eb279c873e0c6ce43666a750a935ed2e4b3ac773e712ed02f57c14e827610d5e026d95f370a8bd50d4971ec1c5ea4cff54021593c20af60ac3ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71360d4033bee1de114b7098a4d09202

    SHA1

    033f3e450c94ae9d360119c5c1460d477dffa039

    SHA256

    4c7c45cfc889de97346810da562afe59ea338fa6652a82ca08dd9bd45bfc95d2

    SHA512

    a42cf2f4a11838a7a6ae99ba15d3bba0ff950fcfe483b67b40be89432b4daa1c2699bf2e525226c89d2c3af0c11aaa329191731f1161874b13e3d12d5597e2bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fe703d78f69dd9a6c439088d3ac6ef6

    SHA1

    d22170edfa21234640391ba5f95f17962079610a

    SHA256

    752be4646e28e0d3ebe01e29aa9f3a1241477f17b0ffa09b871357d15288839c

    SHA512

    8f34badc6c2b2cc4dd60fc4505d36fff9731a683cc9906c24e356c9053546e22d6c85c018a09b426218360315dd5cf4894fc7f9ff6f7359009b7bb8c12a24e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da1df8f536ce2a281008ab08b82b48e6

    SHA1

    c20934c6914cfe21377f216905b0c60441f83dd5

    SHA256

    6241fb4eee5819305c1c7ca2275d172c1e30e498f60ee0701e4a667805b5a235

    SHA512

    87112e2970853cb6a9299408524eb1802f40d703cf20e60a94a4cd5868f6417d361e93ea9a8e08804c2acc6871a7b1ab4d2b6877bf2beddf6f34e83d78ad55d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb0cb3a1aed8bceb207378b8f61ddec4

    SHA1

    5166231446b86f2c4a146ec819d7a165eee52724

    SHA256

    596aaf34a6dbc27c1b4b5ac6ec7a76281657ba5c456912a8e81eb865ac522b4c

    SHA512

    13092c222831c614320aae8c99415a78b57527b40f918a8cabd812e7813cbba4ed8001f1730239dc437970869eac47e79df50c1e0153b184629c3bac32f2908e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb845bcc6e3913793d38dbc7debacc14

    SHA1

    d7801f0bccdb942bff7895357dc474584967b551

    SHA256

    cb5cc661708ad13970b99de7bf5e0e6fd9b2ffa05cc8017f4b62317fb434909e

    SHA512

    7fd9c0de75b78f7ffdb4231b0d8382f769bff14c3895ec8b48cda148a44663c877f0034ddac63d01897663f0009625d80e9a0e7e2ddf52dab7c353b3650f4d91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd69df7755f86cb32bb15cb5c18217f6

    SHA1

    6404e6ff00b1aee0e294a9b077b42d79652dd498

    SHA256

    eee3ba542a1643d19e1a8f3952e85f26b3c9f76f2a28a222808d8b6a0154cdf9

    SHA512

    898229b3dfb36bac9907585f1b9cd09343f8da8e24b913530c69fdd850c2c9564b8a1d561c17f5eda155290f2dba485e48fd8c951b94090cd822d5eb4d06b2ea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab73EB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar749A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.