Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ef15531fea...8.html

windows7-x64

3

ef15531fea...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 04:41 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef15531fea55fad7bbc18d563e1139e3_JaffaCakes118.html

  • Size

    118KB

  • MD5

    ef15531fea55fad7bbc18d563e1139e3

  • SHA1

    870768b3df1d552f0f42d166c680b9eb1f2e2085

  • SHA256

    ca07360b33ed0c1b6199719d4c3f7c256b2be5ab1e70ff18c2d88a6d662ca41d

  • SHA512

    5d76ebe72f42c5d82be76f116dfe5d6cd321d6426d8a006f8260764bdcd7c90f74fa8dc0401756ee4747df9423c779d8daddda272395b8b88351bbd81fd7c1b6

  • SSDEEP

    1536:Sl9yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCsn:SfyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ef15531fea55fad7bbc18d563e1139e3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

  • flag-us
    DNS
    www.dongfangpack.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dongfangpack.com
    IN A
    Response
    www.dongfangpack.com
    IN A
    47.90.64.242
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.8kB
     9
    12
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 47.90.64.242:80
    www.dongfangpack.com
    IEXPLORE.EXE
    152 B
     3
  • 8.8.8.8:53
    www.dongfangpack.com
    dns
    IEXPLORE.EXE
    66 B
     82 B
     1
    1

    DNS Request

    www.dongfangpack.com

    DNS Response

    47.90.64.242

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2a17fb3a67c6b4f45479c3b8aed5ee7

    SHA1

    e45ff65cc69fa5002f9f38d4b026deade5c878cf

    SHA256

    85371ee21eeb291f839f088902f7d18a4fa9bc805e414297e0078330e48da926

    SHA512

    910365fe62fa957eee617a6a1833d0ead9ab599ca7e03870d69477cf93f2a0e538ba4002f0b666bc3863a92ccd7c223e5cd7a470cab94ebad9b097398817c89f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8aa3c3f9983342db12735ec18c94fe29

    SHA1

    f1542d330da1e836ed691d536a5b4d9523444a1a

    SHA256

    e045ac4bbc622c4634de4d0b151f5f77348b99ecf4209ccf24496208a45e868e

    SHA512

    5071af0e742b8075a4efed8aa7fd3518f54955de1a030ae80c8ef12a84e06b43e4cd9099c8a5d71b076a667700f5b73af64f797292c31f490b39f3579c2581f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2f48481ced92d99d79b6b6edb640ae6

    SHA1

    28c6e4c4a4de6f5cd27c5e3826dd53607da9baa5

    SHA256

    268afd01eed79f500bb1fe1ad3ed5a40b22131c4fa452a7da5e1fbce748cfe0b

    SHA512

    6f17ca34e7ffc9c433df1ff40034d62f3e18afaf5baacdd080fa0a198733e277d870cfcd22fe42d0e3b33bf3ddc39b4448ce6d47f49c3fca3cc409f2e7dcc31e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    503b7d12415be4a068bd4f522bd61106

    SHA1

    e74246c99602dd23dee29530a79de4da93e1e817

    SHA256

    fef5f73f75ce7230e7f54092dd41fb371442841f20e88f8a5b403fd9499b28cf

    SHA512

    de4d812f05905ada5f331ec39f19fafade2b0f93520327f00b55db5b37d827eb1516c0c8aa3f2dc4d3b8299a14c14eb226655647905aa7cb4a89102cadefb30e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adb57cb8a44bfade8b2706aaf754cc47

    SHA1

    98464ff605fce3ca8227a70c749fe38932a29f62

    SHA256

    99190da5f8aea204f7997425251068f47fd4040035134a3fdd63cf4dbf0b246b

    SHA512

    0964617d0471948822875a741816d31fce5f32c88933be11e44b852dc6aaae018c448d41563422be05fd3161523fd070ed1fd8e623a384673a32364919b8aa2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8c3bed99a5b9704dce9926d75e40390

    SHA1

    388a45f6122254b25b8f9fdc2bbaa6658d7d48dd

    SHA256

    e226aa20fb87cd742599effa23cc9fb14dad4657fb91030b69411c988cb8ddbd

    SHA512

    cec52460c8348309cbbfc8234e426a7898ce9b61edac3b24c8cb285faaaff80cc6985bdf817f7daa7521578ab321503437fa1845bacc13d2efbe77834c9cecae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef15e760b645f4c4350002cd13670afa

    SHA1

    56f46900f102dfe324f92bb4fe29e071a74e8d08

    SHA256

    7ff22ef7d9bcb53a62291a430aa280b3bd3e041a05818208b2dc34ba650cb682

    SHA512

    e6b34b0c08aded43bbcae3d0f19bbc984e6a74068875834c9214d3247dcb18495b6689fcfad812fd03e2b6958eac8abe4e3c56f100ce0973eec31bcf3c00ed55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcd679d4b175d9caa34e5e71e6da6c4d

    SHA1

    69283422b73087ec7e41b6deee106183a9786c2e

    SHA256

    b294148d6fc26bccf806c7b5c05dc2fab6d1c986dc391595c141be4e4e541243

    SHA512

    24b27b463ffee19696c019920175a30ba0107cb492246490419c83b1b2b9f03deee608bf691bd8051b99f658fc6b4c4f48af2970be4b2cd5fb0dda24fba17964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d7542f1df52deec228db082b03b7022

    SHA1

    e759f21fa3843354664fda1ba3bf64e73b81208b

    SHA256

    571de751bf0c8f00ba34ad9e54462966b3c65be6eacf5bef3ffdfdcb131f1699

    SHA512

    443de47602be408d4b0e96e810f5fc6fce970adc6c6e3ec567d2623d1587f82088a36e982dac2fd983d3a59696c9941966bb77af3123b9cfc9d7ec6c88101f23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d6a8e4764554f67a19db0290b7f380f

    SHA1

    4a5329517bf5623452df630729d1033e0fd738a1

    SHA256

    cb19df3c26ee002bf44a99b2fb833f9c13d57c3dc6a951490f29bc838c3791db

    SHA512

    3c6e0ce2ddd121516fa45ce278a7405d0c0577da60887475e0777e18735614d1d0b0e241274681fa2be063564d67507d1a2e09ff272b5c752e204bea9ff83722

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4d10b85232a719e6b85ba647c0431a6

    SHA1

    312d5495cb9d9c774dc465ef1f0b00efc68e44f7

    SHA256

    64fa9cd9bbb61cc50a0f363b48f04def3cc424c414083202b4003b4631f3617e

    SHA512

    1c51b48ee390bce0498bce4ff42fbc5ddcbc1fe94c6715558148ed2c1041e93b84b656f4865740dd08690cb2352d75113938929a5f9cbe2ec5270ae7d6c2631c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5e51a6c14efc5252619c9940ac3b1d9

    SHA1

    a45d40e8975a59964cfa18bc0fddd6aa2eef42db

    SHA256

    61565ad4e4c18d347a89cfc8fbaf7141f10fe64986b0b8218e1ce8fbbf93f1dd

    SHA512

    a12d7a1cd61ca2088aa3e0fcf6d26e9807285d02f994c5672af39b890df76bc51d6ca5879cf828c781315d1d37c736fa2c93ed0fb232e63eb78500e02e215b44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    622b7472e2bf2af3d86f3238413ef13f

    SHA1

    4a6f8cf75ef68d7c6d6173e412dc75783fa53b60

    SHA256

    4963f6c14b16e23969cc1216c9ca53cf75571324d66182b140791b69256cdea1

    SHA512

    153501008561415469e69aa5190bd9a6d1ceaa6c914bb7b0a26dca20bf254275cf0abad70b0b4ced5af8b37cc0bc22080d398b219d61dfd7262e4e47aec93b12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db32651386dce8bef800968c1b19a679

    SHA1

    9b9aac4e6e60518281d1b1475fa51663ff97dd52

    SHA256

    69ad2b21bcad260e4240288ecb6de94aa4480f3f9eb8e8cb28fa25b135c214cc

    SHA512

    3c9f9ed5d223b290fbd3656d5e9a69def15bac41079d5dda8671e1c91a4835dc8fd88b8626319e7001b719217256c93f5f85b3755dd899554d0d332d6739baf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3e70e1ad64f44e39d75a0483c445e7d

    SHA1

    95ba06a6e3197f4594d88eefe9043bd1398d6420

    SHA256

    021e8d92a427fb598c1e4cd5bcbf830fee7ce91e4db0e65109bbef0c6abd04a7

    SHA512

    692f26fb0aa1e68ab0a2e58bafb1a5a4915fcfdd339d321a46d8d4b66803e5166a734c06c6e3b40085d50d7c9426580f94e85e911956a21c902c8923408f2a0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e642ac312a8f56d33ff10a0f91948f6f

    SHA1

    8d8875ece8c59ce6e36ffa5a44e66ce34cf0420d

    SHA256

    64c97e5828269d6a82828ca23529b3b2ffc7fff81416e212a3b25143b3ad9d4a

    SHA512

    0460982e26ed01c4781630b400c723daa0a46c27266bb96148d08852309ea44368c34e103ec3b8de9a57b4fc1e214ca91a11ae4782da8ca08123f643de1267ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66138db6093d7eb262dccb20c70e63fe

    SHA1

    bbb34d8051f6581c16de6d6ae2589f2aec9ad2c2

    SHA256

    21b7d882cd89b5f61cad9a0a9f23c218acd3e069f80d0c5cf3663a96ad138a3b

    SHA512

    c0a8db5ce882c958ae956db0f4040a96a4362f1697dc269b60c30b8f8b032bdaba9c7bb498b37da265df4d8862337cd6ee0f96006c6a6fa340e1275a17f3c676

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    050fb467be0f986f21e19fca1c27f530

    SHA1

    194b8cfa753222130c2120e2840ab709be903fef

    SHA256

    2ba8e343df919808391ae8e459b7ced8580665d5de46452b9853a5b7711c5b0b

    SHA512

    42fbec3a65c24ef4458692ffafe6669bb18b3ad1525d0c1c121814448bf05a36f0937e97e3c067b9b7815b1e0904a5c9277e7bf2f6931760f896d3127052339d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a627cf57227da4476470c9791500629

    SHA1

    03813ec087db69f852284abc695692c317fa64f8

    SHA256

    3992bd2ca8e7b73259055e8e82d6957adc9de790f8bbaacc8d0eae6c08ce9087

    SHA512

    4392d0798a4df9c16d2c8dc2464b04e9b6951b87310701181d52610e491ab879ba293c2a02925f70748a9608cfda5edff4ef4ab1fe23cce63e291221828dc343

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    123de6ba07477c6d11d945976ec021d1

    SHA1

    87d18aeef1b52c4f9a4ffa468bc69a4676d2af29

    SHA256

    89ce9ac0017fd6cf2e6e80f941aa6fa9131b0c458295e232ee10ba650549b214

    SHA512

    011109cd343479a10eae86a468a27486c249df8a732a905b80e37e0629c1a1d749c3bb64cbbb0e29243265ed55ebb02dc80857b010461a6af88e5b673d8126c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cc082434977cddaeb4672838e48c7b0

    SHA1

    f4e2d272447ffdb4152df7fd6c7afc70c0c7010b

    SHA256

    ef386460ebff977698eca185ff71de96900637e903c29a4684d699db13ea2f84

    SHA512

    9c4ae39775e20dcf3e236b8da95aa68f472e6ed23373a43d2d311f5e2e535fbd17ecdb7d68ff220bd7f7ae595fe2ee5f9b39e5d7bd2ae725dcbd7ea9d34ac76e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFEBB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFF6A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.