Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

efe3d185c6...8.html

windows7-x64

3

efe3d185c6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 13:25 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    efe3d185c6799452f8e74d5aba165766_JaffaCakes118.html

  • Size

    68KB

  • MD5

    efe3d185c6799452f8e74d5aba165766

  • SHA1

    1ebbec1bd497a5326d9ffce2acd459c96de8ad8d

  • SHA256

    7fc13411203c1cd9f3abc8ed8a7315170c15a026626aaa44a429e8294bcfb2c3

  • SHA512

    8889b69c22426371146aff4015d8b8c5bb0f1d156e74bfc4303786f740b8217b1b1c43bbadb7ea0d898786aa3c5839675f006f4213a3c8c4d147f0676b149bdd

  • SSDEEP

    768:JiQgcMiR3sI2PDDnX0g6IHXlCloTyv1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVG8X:JQJCiTcNen0tbrga94hcuNnQC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\efe3d185c6799452f8e74d5aba165766_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

  • flag-us
    DNS
    img.sedoparking.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img.sedoparking.com
    IN A
    Response
    img.sedoparking.com
    IN CNAME
    sedo.cachefly.net
    sedo.cachefly.net
    IN CNAME
    vip1.g5.cachefly.net
    vip1.g5.cachefly.net
    IN A
    205.234.175.175
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    216.58.204.68
  • flag-us
    GET
    http://img.sedoparking.com/js/jquery-1.11.3.custom.min.js
    IEXPLORE.EXE
    Remote address:
    205.234.175.175:80
    Request
    GET /js/jquery-1.11.3.custom.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img.sedoparking.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sat, 21 Sep 2024 13:25:20 GMT
    Content-Type: application/x-javascript
    Content-Length: 25176
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=86400
    Expires: Sun, 22 Sep 2024 13:25:20 GMT
    X-CFHash: "7dd2fc9525d32ef5c44abe9036c98ad1"
    X-CFF: B
    Last-Modified: Thu, 28 Jun 2018 13:09:28 GMT
    Vary: Accept-Encoding
    X-CF3: H
    CF4Age: 0
    x-cf-tsc: 1685886798
    CF4ttl: 31536000.000
    Content-Encoding: gzip
    X-CF2: H
    Server: CFS 1124
    X-CF-ReqID: 10018e9ecbb94556d435cb5942dfe9ca
    X-CF1: 11696:fT.lon1:cf:nom:cacheN.lon1-01:M
    Accept-Ranges: bytes
  • flag-gb
    GET
    http://www.google.com/adsense/domains/caf.js
    IEXPLORE.EXE
    Remote address:
    216.58.204.68:80
    Request
    GET /adsense/domains/caf.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Type: text/javascript; charset=UTF-8
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
    Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
    Date: Sat, 21 Sep 2024 13:25:20 GMT
    Expires: Sat, 21 Sep 2024 13:25:20 GMT
    Cache-Control: private, max-age=3600
    ETag: "16351978462908828180"
    X-Content-Type-Options: nosniff
    Link: <https://syndicatedsearch.goog>; rel="preconnect"
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: sffe
    X-XSS-Protection: 0
  • 205.234.175.175:80
    http://img.sedoparking.com/js/jquery-1.11.3.custom.min.js
    http
    IEXPLORE.EXE
    1.1kB
     26.7kB
     17
    23

    HTTP Request

    GET http://img.sedoparking.com/js/jquery-1.11.3.custom.min.js

    HTTP Response

    200
  • 205.234.175.175:80
    img.sedoparking.com
    IEXPLORE.EXE
    242 B
     132 B
     5
    3
  • 216.58.204.68:80
    http://www.google.com/adsense/domains/caf.js
    http
    IEXPLORE.EXE
    1.7kB
     58.7kB
     30
    47

    HTTP Request

    GET http://www.google.com/adsense/domains/caf.js

    HTTP Response

    200
  • 216.58.204.68:80
    www.google.com
    IEXPLORE.EXE
    242 B
     92 B
     5
    2
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.8kB
     9
    12
  • 8.8.8.8:53
    img.sedoparking.com
    dns
    IEXPLORE.EXE
    65 B
     134 B
     1
    1

    DNS Request

    img.sedoparking.com

    DNS Response

    205.234.175.175

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
     76 B
     1
    1

    DNS Request

    www.google.com

    DNS Response

    216.58.204.68

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f0f8e4a17e013145536fa5c1c695d6e

    SHA1

    7c7c429e934d64dfce2c20eabd5da99bc34bba94

    SHA256

    cd98c1c09752f26076ccaecdf42c3393c82f6cba0f5be775b0efba0eda7c2412

    SHA512

    65d194f3eaf980ac30f27bfb51753f6b279b48a835285895fd21ca901338c5d6c5dea671cc8bd5178648269508de52301ec3ffb65c0af0c83a394c78e289d2c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6b0afe95c0f242a73e50a5bc5719f5c

    SHA1

    05bbc59859d98a359947d7d4993deca0e13f9c19

    SHA256

    2030acf8b2371727722f725e65888f8f582b30897f309f365a4efef6589bb419

    SHA512

    114785de1ec8a6e351f266dbacadcd64f28632973bb0f2e0d36061790dc8e2fc7497555a0bb6a5f31494772294e59d3f846484569a32ebaa6f1891c176e3d797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ee8d5e626f98105194974e9226b91d8

    SHA1

    9a39ffa1ba221de64e9ffcccf2442bab8de9d160

    SHA256

    edeee692590a1a6cf1c3fb9bbcac3a1b449d926ab540eee5e10061ddf777abf5

    SHA512

    dbff6936049ce047ea2ed95443c7a84fb6ec43924dbb9f35eea21a87d7059d764f27c1df0b493e8edffd04b1f0fea2b43da963071790c8c5eb0fc090f900282d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cba0062be23399aac9a238465f534f5

    SHA1

    d94d6ffa1cc81a9eddcb3048cb6469d056cfd0fa

    SHA256

    b459e2f0b6d0309308537c9d56baa98fa9544263b8c3e103eb5a7c3c6de00f51

    SHA512

    3d7c55135480da877f1b86c1e92daf9bb419e55416cb9ca1c10c228266218046a91696432e27f0053b637dc9457d3bac674789998a46a0416a85bba49bc95a4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e859b076f8ae167ea56be90f7c9e87a9

    SHA1

    8e51f35f18ef1cfb9f679d1a90482055a353faab

    SHA256

    761fb931091ed12039f7564e7dc04e76cc64c2d3e4ca3134ff3e8e5921fbc857

    SHA512

    7fa9d2f1cbd997a890c110475d55af90a02aef648a75768f9351f1440058744811863652d81226bb4a3aa75f3599ae9afbef0a886e2f7b8ae69b54cf923bc74b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    066c5808d175cc188c0819f3b6c77e5c

    SHA1

    51b800f0b782a66c43f1b87169df552b2dff4ed2

    SHA256

    6a93ff9b8b69502cf941b826e33b53c7a40007284a4a975b4e60a9cf70ce4f5c

    SHA512

    ec2148c82a64426d116d3fdae1fe27407fe08300b8468a5f38871c7796fa12506ed413f7ae6a8e65e96d8e198d8bb72d084c208ac27b02004f69a62b1650a404

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce4c9a13d63d87f7cae11484b91e4c19

    SHA1

    8a1b58edb15fd6165eeb85ed7ba2c01768d6adc6

    SHA256

    ac07e60d076bb8ad9f36c31e1fb702f20f9860b6621849ac512f19325d29eab7

    SHA512

    aa32985d233393c1e40c5a424cf9493beafdde61cf888b50dab1b6fbbc20dd748adc96f7c760c729a2f9fc1bbf7636a70bc52c1c945b6b493d35d99b36e00067

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b15f312ba3dcc51eb77173e314f5831

    SHA1

    cfb91391fd3a68c6f97ee14ae82ad21e5e3d6c0f

    SHA256

    c39b32ac9e1136e0946dd1e9dd52714d9b5188a7b5a019124c432bef4b39338a

    SHA512

    b6f8985a6ff9d1421d8f1422f0fe1a3fd041cb519f0b8747bf54e1a1c03772888d33a247f70b47c5a0dc8cdb5ce75165bb16cc71c81df67250eb39286a63db43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a974bf260a6ac4bfa03a2ed7bebcdada

    SHA1

    676e5bdaaa667e661a52f6ca6bf5e89a1f09cd3e

    SHA256

    de7e42d359ea1e075fd63f8cbf54f37200bb8b55a89ec177ad3f23bc9628112e

    SHA512

    af1874792a374b53a055f7155504a48d1a301f21174aa7624cd3620e7131051f4ae256e8d8198d9f7bce4793c7eba892280e0e166a6bcd6c2af0672a310d7765

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea7af079e5c5c003ebd3afd335316c89

    SHA1

    5e4409907c5c4bb66471d4bb4c1a198589732e2a

    SHA256

    c8a7d5f9d3c98a4ce08b798ceab7fbc970c0988c0bf66b7a6932dd67a94467e2

    SHA512

    0949b61c5dca9d4cc4a1c61a7f3e95de72eb0891707db24e1f822eb5beb5722e1581000fedaf529815a91ef5080cb8891ff3ff7ffbb8f1688e99c5ff77f00c90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c765ef7c78ea80201f4ce605d4ed7b85

    SHA1

    6cb8c86802b3294b4e9ac59e2c8b795d17260fd1

    SHA256

    384803e6e1bb46ca3b6632b6eb56f29fdcb7dc90f2122c78fc3bbb401e04931a

    SHA512

    b5e686a293ce035660be61bb1437d24d1d4ffb1af8293287bac09cc8c2ef6a20b6bc5ae42dded77e80a932066ee9491263aa58687d1a3848d7b12d74f40dd03b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a38b24fa3425e737d3d0663217e5a3e7

    SHA1

    58b0ab3a880e7f1d6760fb79d1a9cb804be1aef1

    SHA256

    e6edaa360dc65585c352ca58989580b00ab7d0d766bac339c6c69cef16b5a8c1

    SHA512

    603a34f9c242bcecb4f80f3bc489252a0832bb3b6a6fad661365e400ed821553e1f38f22bae94d7c0458783e3662cf1950575cadddf07f3b2bba74210b5fc57c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8ae41f56e919152614f128f4e983f5f

    SHA1

    f2885d0eeee0e9aec152fb7ef4c734b18c1dd44a

    SHA256

    fcdcdaaa492b6e5d928a521dcbe69ca7a1e80643387cfca8f99b39444d12714b

    SHA512

    8dd67f3e084f20f7c16a9092a92756c2dd631d801900355666d2e6961418355129687db08552216a9cdf9128d4f862d79ae3433cfa40f8f8f5cc4548bd5df0be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e190b264e472f09e3f2c4e45572dfe00

    SHA1

    0d73050e7498f86d77881a67e25e57179643d72f

    SHA256

    191e69908b2fbdfac133d4c1d693514956412f7494a8a61c14332eb0809d0ecd

    SHA512

    976cfe42ad593e024ed9a331d793c3b7be4112bb3d3504f0ec11618ad3a7896a9b476e853a99871836afb3c7f1480fc351863264278d1a8f700a69d538154840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e92c1b6d1602ad2bc400a62f274398b

    SHA1

    b252c099b8171f516aee70fae2e4c045d636d7f7

    SHA256

    10ff40fc084cc2c984779c76bd2db41491fc0fa0eae87d9e765b8a01c6e984f1

    SHA512

    92eedf83c5749b9d90a4f05dc9794f257217100975aa6d07abc00f07452e6b0bf59bf0b17e3f19529852d9d84770bdf30ada7817a7bbae213bff93d6dd0f333f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc98ef02cd1607d5d26df59373475450

    SHA1

    f05d537f723ae356fdc574657a0ca8985d048ce3

    SHA256

    2bbc6991f78f29b0e36dbd0218fe2312c82fcc233768c0d1ee9291c759422041

    SHA512

    a9a7b84fefe9b7490dd8065d8b47c7eb6a623034de0cf705b37ddb9d363451a06c8d2c49a22faa84aa16843cfdd20e7fc279391e554a5543909c50aa7c466a08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15b800bd40e72823e5e53dacbd97277f

    SHA1

    d0d51ac213427b1c540ea1b7a0c430a7ba74ac96

    SHA256

    e976b6853abeee5cb2a40c94659da32fcc955f3bbe509b2586621163c586565d

    SHA512

    eb76d10551109aaac6b530ea292a1883cb8b6ee1de6fab105ababbf8b9b522143d9dc298556eb0cd937c87c273c685b3a5546822fdd74fbcbbb5dd34fa397f54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc6061d0e8d1b3ab73e81356e442d105

    SHA1

    39575967c31f25ff517c13625617024194a914b2

    SHA256

    7b261f56ce4b33c306e42f7b49295dbfee2220f2d430bcbd0ea3d093841358c8

    SHA512

    1d6395ae6b700e3dddb1875266ca92737d6cbc983734b5f6ea7a15807b8f7208b3f3ea0174a0db801e59e45d191fa2d6d6f72266333c32b832fd62f74002942a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f8e7642583bd63c24491ff94fcb7797

    SHA1

    6846c3083a4324198a0e6bdc852193adcfe44bdd

    SHA256

    a3ab3bb1b497c65f89edf76092e28e7b38d7ba6ab549a523cd53b73328d6ace5

    SHA512

    4d331c8f315f7624f38e81380d662ed9d7e76159a2bc7278215b06e8681e883f982ffaf81f1df4ca5d74b1cd84c365283cf24a36c9047ff8bed0f672d56573b4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC90D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC9DA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.