Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
134s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
01/10/2024, 19:18 UTC
General
-
Target
0713c6780576033684b56bc1ac3fbedb_JaffaCakes118.html
-
Size
10KB
-
MD5
0713c6780576033684b56bc1ac3fbedb
-
SHA1
7084f44d88fc73aa611fe0ad0cfa294d1a31c291
-
SHA256
76bf45d3f552134c6a3e9fe4a5629e95913f3776fa8769acac2d3666a550fb19
-
SHA512
fb26ca5e8851c4cda0ed21c6184763fe6c0d5a3b1ed62c668d73b7f13c89656df5ac26102654118e42ae31f47456af9665be661e9635f1c5aa6deca9921e1ef5
-
SSDEEP
96:uzVs+ux72MfLLY1k9o84d12ef7CSTU7GT/kvSxp5DnQ7Yog+gQ30lVHcEZ7ru7f:csz72MfAYS/+aN6+n1PHb76f
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 36 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0713c6780576033684b56bc1ac3fbedb_JaffaCakes118.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
Network
-
DNScounters.gigya.comRemote address:8.8.8.8:53Requestcounters.gigya.comIN AResponse -
DNSanalytics.hosting24.comRemote address:8.8.8.8:53Requestanalytics.hosting24.comIN AResponse
-
DNSfc01.deviantart.netRemote address:8.8.8.8:53Requestfc01.deviantart.netIN AResponsefc01.deviantart.netIN A52.13.151.103fc01.deviantart.netIN A35.86.47.99fc01.deviantart.netIN A35.165.150.26
-
GEThttp://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpgRemote address:52.13.151.103:80RequestGET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fc01.deviantart.net
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Date: Tue, 01 Oct 2024 19:19:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Server: nginx
Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
-
DNSorig01.deviantart.netRemote address:8.8.8.8:53Requestorig01.deviantart.netIN AResponseorig01.deviantart.netIN A52.33.77.108orig01.deviantart.netIN A54.190.123.115orig01.deviantart.netIN A52.26.23.167
-
GEThttp://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpgRemote address:52.33.77.108:80RequestGET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: orig01.deviantart.net
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Date: Tue, 01 Oct 2024 19:19:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
-
52.13.151.103:80http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpghttp
HTTP Request
GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpgHTTP Response
301 -
52.13.151.103:80fc01.deviantart.net
-
52.33.77.108:80http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpghttp
HTTP Request
GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpgHTTP Response
404 -
52.33.77.108:80orig01.deviantart.net
-
204.79.197.200:443ieonline.microsoft.comtls
-
204.79.197.200:443ieonline.microsoft.comtls
-
204.79.197.200:443ieonline.microsoft.comtls
-
8.8.8.8:53counters.gigya.comdns
DNS Request
counters.gigya.com
-
8.8.8.8:53analytics.hosting24.comdns
DNS Request
analytics.hosting24.com
-
8.8.8.8:53fc01.deviantart.netdns
DNS Request
fc01.deviantart.net
DNS Response
52.13.151.10335.86.47.9935.165.150.26
-
8.8.8.8:53orig01.deviantart.netdns
DNS Request
orig01.deviantart.net
DNS Response
52.33.77.10854.190.123.11552.26.23.167
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
342B
MD533d603dc6e5b241b962b7e086292c395
SHA168346ec183a296a51706c51c2b6b48ee41a67c81
SHA256b6e2c964ce198274bb97f708eb4c03664d601bda31c7c4071325535a27f195a4
SHA512dc1d738b468a09670626453196f02b698d0394d93388032d2f47c35a7669a6fdea23225025c186c1fc41087088118ffa53251f17fd6a3a81ca4e02b61d832f55
-
Filesize
342B
MD556dad68c6f0f8d37c6a7699870c3a835
SHA1f4ad785ee0d0185aa26b04accf086990f645c15e
SHA256177ded05a71daace58d64774afe3103261f1a4838c5f25da0f6f0ef75cd071e4
SHA512ffff63c3da3bf2140742455cf966a9cd01b77af5490d60f388507d5a7dbafbc1714eeadc6504541db9fbdbd89e0393dedcc0e6dfcb58bdc3766e779b71a8ebf4
-
Filesize
342B
MD5dc127d41dab2480beb47a42d2fee0f3b
SHA12c89d6573b420b7665a49b95e534d9fed8942720
SHA25661e4ec10a56e15616157cefe3a8c99bfe8aa758080ce3f12559e8e28c9d9a4de
SHA512c20c17c13a731144b1748d037ee8771f92654f4c104f2db0fc6ba2051dc9372c7d0edc22632def061df316933f562aff59ee4dfb84b9d5755a74dfb69607487a
-
Filesize
342B
MD5424affdc06c20c6351f42bed4c324473
SHA1525f2a4e3b1a8ef8f28f58f3bf1e54757929d68a
SHA2565d1a5c3c24404ac38becb8c52c7a01bbc38d9e7e972c5424415551d924d6e930
SHA5120614809c8d105deb378d0bb3d5ccdcb79ffea09160a896036a810ea4ee3b96043a8d64326ad3575685bd0d5468ab8dd794c08518affe5dd8cd3c4caf5deabc26
-
Filesize
342B
MD57b619c5cd4b25c3204814ab5841b6a2d
SHA161701ac4633f44574c5f0b1f98e86f5e0740fd14
SHA256eb79d5c011317d7e0e1b140055a9051999cad4248e5369787382add8ea5a46db
SHA51296671dc93ab035c0f2bd111f344525ec9a621d06f472ef5640fea96ae96c6e60b26319829f99b314740407217713b05627d3a1f95026287bce53df82155c9f85
-
Filesize
342B
MD5c2865927eef2ce72651b2635f153c8fa
SHA1e118dc95aa0b3422aeed0b5ac75dd5dee5a1e11e
SHA2561cefc48822e2aa2cf2442a2460d2bd355265cc6ab7f52821adb78f4c1089bc02
SHA5128098ad18e92e7ab98c042e407415f661c7b5da85efa73a490ac02c7c8a14971f3634c03980afcf57d3abeeea0b049d16248f1dd525e0358cd8b414facf060925
-
Filesize
342B
MD5ec1a27dd02066531b106b2cfc4757f29
SHA114627c39f1bcdd69fe3643a1574b6f2565f2d447
SHA2563db66fb25634694c17d4495157cd7c077ce81f4b60b214efaaec7254db4df821
SHA512d33612ff6eeb1438bc093d341f5eba266cbf48fd5f5947b0527b27412a5bafe0972fba098d64dccc519bc70452b7796992585d9e6e76188241d452718b59cf3f
-
Filesize
342B
MD5bbe4901be9b46198d830457eaaf464b9
SHA1d0dc31ff230791b0e9ca94a7192487537fad5573
SHA256c2208916e6ce81ce5334cfca9808592c9f1e8dcf1f3ebb18c5ed1d8798459928
SHA512043e996818d665310e1f6a325fef8278fa3f58985a078a579eef7deba0932eb1a932c218b6d4f91ead0e3c2c23270afd70de20804cce2f73b81335e5d072a995
-
Filesize
342B
MD5fca6cb8835e8c7db9a56b2939ad9679f
SHA1e95699761fdbba7c3f9ab5439b497254a268409d
SHA25621017b9688a7584c9723f09ddbe9ff94c34b53081511517bbbf431bc6aa87f9b
SHA5122efd095637c7f60bc557b5031e00048913386acdff4dcf0275a6bfbcce3811b0394296c626e7bbd6cd581579966c6896e9df35db8c47582807ae10e2af986c61
-
Filesize
342B
MD59a77ad7879b5e7b800b8ef9dbb681a03
SHA1cfea5484144524e9f471e3b425f25b750baf6e76
SHA256c30d41829de873da53d574248e6a5b2ca1ebfdfb3ba5ce8d90ee999729793dca
SHA512a075fad01f31dda9af882b13fe8924a994a143f87bfae18444c5cf975928100baf3c0d72d12f2110b61a4dae36b98a61d335c1ef685a477d071c8fdf060d7d17
-
Filesize
342B
MD549165e5014120e96525e61311b63b94c
SHA13b1f8413fa5ff166cb3638d62c30bfd208d375fa
SHA256a97d61dee03cf5033d8ef88d543dd6d94e4d497a7aa6f53908442eb326263ca2
SHA5123b86aabac4ae3bcfde66893ca0c30d5efdcd7ebb04b9b29522f5de25f122f893e57638c7a65ff3c16029c44ec711b6cdbdf1118bcdceafc45fc75015aa2a135d
-
Filesize
342B
MD513e967861c48045664556c2419787102
SHA1407f2446c99ba244063fd0164ddaa12b5cb801fd
SHA256b054b6a4ab8ae4bb7a443e4246d91279bba03fb0ce8d62f73ce328ae71264c1d
SHA51284a2901e491568e43aee2d910d901c7a1f3bccc8d5f00aa8347459140d3764caad06ae725a732bd70bcca5f2f024c10a826c320bf9126b2f86b4429e1c1bab7d
-
Filesize
342B
MD54b390ea49f0cf35cd6a36095483a371d
SHA1f5ee2621cfa1de3101171cb6f94a43befb506b93
SHA25627ab80b7e74c4741975e3923907e81381ad715d5a9cb886629ad855c881ad01e
SHA512d185f39f5f4904ad8a38ea4dcfbb1987e6f2dda21d628aef9137961e3032583b8efc9d20acb774609ccbf91b528adfa10290528642b66b64239a7adffc3196c4
-
Filesize
342B
MD5245a6be1c37a9f40e20e82a7a0c2c666
SHA1d4c1962c647fc6d8bfd2c60cecf70155f37aceed
SHA256914f35c9ac83cee269f051e8ca4d92f48d13e1bd43b71773ee7e96b48d349336
SHA5123d0427b21b8a9092dbc078ff45ff4aadac45fb7cf0b5e3d7541f83c39576800e1c1844fa6f5416936116f92a96e4c8f4082ae12632ff6cad4652101f8c68c684
-
Filesize
342B
MD5804174ef07af542428cab8c537e60aed
SHA1a8b9e69c56b205a688fb35cc058d0c792da68ee0
SHA2569ab2b6ef10b0fc212f44145ccc535e4363dc4ced4b3dc5b6533c32d1156979b5
SHA512f6c3fbb3e778ca4a5af8491b889af1f827f71c82aed99b21859324021cf2cd1865f135bdf9058ef2e5cab423e4fa03f2959555285766b5e3392ddbb6f6730b33
-
Filesize
342B
MD5f03484d680edceb5ff63ad63723136e4
SHA1873975254ce825de58c73e4bf3984ab2e5e86a2d
SHA256e1764c560094021abcf7fbfb820a6df429f8b623a966797fd92d069c76f44356
SHA512d23041dcb42708a0e7f911db9e7a12d04b5f893b096cdff89d7237c563a682a1da24de972ef6e7a2883316589d21a96cefe4325734124b7b9f073a1fcd5d341c
-
Filesize
342B
MD546c98ca6ba797bdfc9c12404e085a0c1
SHA182c2a08c9b40e60e3e0805ea0e70418e5e948b37
SHA2560190145735ac93688e3992d1579e1654593d37803f1f11804e6fc0f3b3ef76fc
SHA51251e4214c6beded36a3865a290453c0473113ee129ab9f213a7fffdd23dd1cb259bb543e363fc6611f1bb6c31615f5db41fe0704e548226b5da35693a47354035
-
Filesize
342B
MD5bdfc50ef3d3739d7d51a12fb550c581b
SHA1f3f421feef56c1ac98a98c517c7df3adbf6b16f9
SHA256d9bee2ea0c679726bb81864a907ced08af0d05ed69d49d42ad1ade2829f9822d
SHA512f62d9c13f933ac7be306314d2ce995dd481b8f5d57f7c0bb9fea95f751b39d65a640274fd0298d95ae48138725de5f382fb7069b9b39ff7613efc99c1e4db205
-
Filesize
342B
MD5f4e6b5339ce227bfb836b26e7a477f15
SHA16f5e244aecf89aed93f39260591bb869d312a72a
SHA25685479c5bbe65241c1d3ce78a0e04c008ee139751ba08fd103408b2702eb6ef57
SHA512e7c69245e69b1db5e2430a0f1d3dde0d840c682f00314ccb37920d5ef978810bbf2b1ee87c05c066a91dd8f61a001e7cd438f44a1ad5dbd88afbafd663891901
-
Filesize
342B
MD51a07a3dfeda00ed1c40c3816ac46d21f
SHA1521e0c06cc6d27118ab64b737d99a0a023482577
SHA2560a8efdd03bae6220d7bbd0198b0a3a3e3719984723642e55a44c7b702ad77a04
SHA51259da19b99905468f6b7c132d9b86474b3ce82fe01e43123fc7244dd25585ddf5bc7fc4bd93cac039b9cf5e8e2f2b73037ec50f6369148f18d77dee5c8e884e3c
-
Filesize
342B
MD589342df97cf6b965177bcc3fc69b784b
SHA1b2663820e070436b1abe12536ed42947062abc77
SHA256e3d85d2561ae743822d0daf8af47f5fa0b80efe021ddc8302ac3df6548068d7e
SHA51284e7f8ca1f8f1ef20133fab48a2e3d1b43fc0acf21fab975f36b3a61025176e8e0a83da4cd021760d01a9e17ea6369b2f08f60ef4275f9760eaa205be4490eb9
-
Filesize
342B
MD59950f02336af2062641141c78f381b99
SHA115b95de1e1a13d1c8f44b1ad31e1a82749df296c
SHA25602f97f287d9a0bae12c9a0531a03879951e57b135259b67c011584074bd161bb
SHA5121a2da6892e34a1ad09c8515ff1f751365294fd74523131d424b36075bc335159f18e1fb166de072649ff58f6d557b18b9291d7f7a2c2c3656c255e8c30d7687b
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b