Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
129s -
max time network
142s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
04/10/2024, 05:39 UTC
Static task
static1
Behavioral task
behavioral1
Sample
120ecfa1307bc6f486987a53c41317dc_JaffaCakes118.html
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
120ecfa1307bc6f486987a53c41317dc_JaffaCakes118.html
Resource
win10v2004-20240802-en
General
-
Target
120ecfa1307bc6f486987a53c41317dc_JaffaCakes118.html
-
Size
161KB
-
MD5
120ecfa1307bc6f486987a53c41317dc
-
SHA1
9502612fe8cc5c9d4b85dcfcaa8a33c090555b9a
-
SHA256
ecd6a818217ab0749bb9128ffab68792728e95764d253ae9f331a102b6931669
-
SHA512
06f7c6f9f1d5e3ae7a92ced05e8832e6204cc78765bbd87a8d945242c01f55bbf30af4f583fbd4432f794cb9464397c2bc2e8a33d0e6716bd556453651ff577a
-
SSDEEP
1536:itRTgBtAtsC1L0wPTKuQyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09wee:iLFsQ0AQyfkMY+BES09JXAnyrZalI+YQ
Malware Config
Signatures
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\120ecfa1307bc6f486987a53c41317dc_JaffaCakes118.html1⤵PID:3476
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=2920,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=3944 /prefetch:11⤵PID:1340
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=4756,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=940 /prefetch:11⤵PID:2912
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=5340,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:11⤵PID:4284
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5496,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5548 /prefetch:81⤵PID:4388
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5512,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5568 /prefetch:81⤵PID:408
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=6020,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=6072 /prefetch:11⤵PID:3208
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6364,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=6376 /prefetch:81⤵PID:2940
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5816,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5544 /prefetch:81⤵PID:4440
Network
-
Remote address:8.8.8.8:53Requestapi.edgeoffer.microsoft.comIN AResponseapi.edgeoffer.microsoft.comIN CNAMEbingadsedgeextension-prod.trafficmanager.netbingadsedgeextension-prod.trafficmanager.netIN CNAMEbingadsedgeextension-prod-europe.azurewebsites.netbingadsedgeextension-prod-europe.azurewebsites.netIN CNAMEssl.bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netIN A94.245.104.56
-
Remote address:8.8.8.8:53Requestapi.edgeoffer.microsoft.comIN UnknownResponseapi.edgeoffer.microsoft.comIN CNAMEbingadsedgeextension-prod.trafficmanager.netbingadsedgeextension-prod.trafficmanager.netIN CNAMEbingadsedgeextension-prod-europe.azurewebsites.netbingadsedgeextension-prod-europe.azurewebsites.netIN CNAMEssl.bingadsedgeextension-prod-europe.azurewebsites.net
-
Remote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTRResponse8.8.8.8.in-addr.arpaIN PTRdnsgoogle
-
Remote address:8.8.8.8:53Requestbusiness.bing.comIN AResponsebusiness.bing.comIN CNAMEbusiness-bing-com.b-0005.b-msedge.netbusiness-bing-com.b-0005.b-msedge.netIN CNAMEb-0005.b-msedge.netb-0005.b-msedge.netIN A13.107.6.158
-
Remote address:8.8.8.8:53Requestbusiness.bing.comIN UnknownResponsebusiness.bing.comIN CNAMEbusiness-bing-com.b-0005.b-msedge.net
-
Remote address:8.8.8.8:53Requestwww.tja16m.topIN AResponse
-
Remote address:8.8.8.8:53Requestwww.tja16m.topIN UnknownResponse
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A92.123.241.137
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A92.123.241.137
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN UnknownResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.net
-
Remote address:8.8.8.8:53Requestwww.tja16m.topIN AResponse
-
Remote address:8.8.8.8:53Requestbzib.nelreports.netIN AResponsebzib.nelreports.netIN CNAMEbzib.nelreports.net.akamaized.netbzib.nelreports.net.akamaized.netIN CNAMEa416.dscd.akamai.neta416.dscd.akamai.netIN A2.19.117.83a416.dscd.akamai.netIN A2.19.117.71
-
Remote address:8.8.8.8:53Requestbzib.nelreports.netIN UnknownResponsebzib.nelreports.netIN CNAMEbzib.nelreports.net.akamaized.netbzib.nelreports.net.akamaized.netIN CNAMEa416.dscd.akamai.net
-
Remote address:8.8.8.8:53Requestwww.tja16m.topIN AResponse
-
Remote address:8.8.8.8:53Requestwww.tja16m.topIN UnknownResponse
-
Remote address:8.8.8.8:53Requestnews.share.baidu.comIN AResponsenews.share.baidu.comIN CNAMEnews.share.n.shifen.comnews.share.n.shifen.comIN A182.61.201.94news.share.n.shifen.comIN A182.61.201.93news.share.n.shifen.comIN A182.61.244.229news.share.n.shifen.comIN A39.156.68.163news.share.n.shifen.comIN A180.101.212.103news.share.n.shifen.comIN A112.34.113.148
-
Remote address:8.8.8.8:53Requestnews.share.baidu.comIN UnknownResponsenews.share.baidu.comIN CNAMEnews.share.n.shifen.com
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A92.123.241.137
-
Remote address:8.8.8.8:53Request56.104.245.94.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request138.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request228.249.119.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request137.241.123.92.in-addr.arpaIN PTRResponse137.241.123.92.in-addr.arpaIN PTRa92-123-241-137deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request83.117.19.2.in-addr.arpaIN PTRResponse83.117.19.2.in-addr.arpaIN PTRa2-19-117-83deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestedgestatic.azureedge.netIN AResponseedgestatic.azureedge.netIN CNAMEedgestatic.afd.azureedge.netedgestatic.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
Remote address:8.8.8.8:53Requestedgestatic.azureedge.netIN UnknownResponseedgestatic.azureedge.netIN CNAMEedgestatic.afd.azureedge.netedgestatic.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.net
-
Remote address:8.8.8.8:53Requestc.s-microsoft.comIN AResponsec.s-microsoft.comIN CNAMEc-s.cms.ms.akadns.netc-s.cms.ms.akadns.netIN CNAMEc.s-microsoft.com-c.edgekey.netc.s-microsoft.com-c.edgekey.netIN CNAMEe13678.dscg.akamaiedge.nete13678.dscg.akamaiedge.netIN A23.219.197.132
-
Remote address:8.8.8.8:53Requestc.s-microsoft.comIN UnknownResponsec.s-microsoft.comIN CNAMEc-s.cms.ms.akadns.netc-s.cms.ms.akadns.netIN CNAMEc.s-microsoft.com-c.edgekey.netc.s-microsoft.com-c.edgekey.netIN CNAMEe13678.dscg.akamaiedge.net
-
Remote address:8.8.8.8:53Requestnav-edge.smartscreen.microsoft.comIN AResponsenav-edge.smartscreen.microsoft.comIN CNAMEprod-atm-wds-edge.trafficmanager.netprod-atm-wds-edge.trafficmanager.netIN CNAMEprod-agic-us-2.uksouth.cloudapp.azure.comprod-agic-us-2.uksouth.cloudapp.azure.comIN A172.165.69.228
-
Remote address:8.8.8.8:53Requestnav-edge.smartscreen.microsoft.comIN UnknownResponsenav-edge.smartscreen.microsoft.comIN CNAMEprod-atm-wds-edge.trafficmanager.netprod-atm-wds-edge.trafficmanager.netIN CNAMEprod-agic-us-2.uksouth.cloudapp.azure.com
-
Remote address:8.8.8.8:53Requestwcpstatic.microsoft.comIN AResponsewcpstatic.microsoft.comIN CNAMEconsentdeliveryfd.azurefd.netconsentdeliveryfd.azurefd.netIN CNAMEfirstparty-azurefd-prod.trafficmanager.netfirstparty-azurefd-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
Remote address:8.8.8.8:53Requestwcpstatic.microsoft.comIN UnknownResponsewcpstatic.microsoft.comIN CNAMEconsentdeliveryfd.azurefd.netconsentdeliveryfd.azurefd.netIN CNAMEfirstparty-azurefd-prod.trafficmanager.netfirstparty-azurefd-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.net
-
Remote address:8.8.8.8:53Request104.219.191.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request171.128.123.92.in-addr.arpaIN PTRResponse171.128.123.92.in-addr.arpaIN PTRa92-123-128-171deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request154.239.44.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request50.23.12.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request206.23.85.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request21.236.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request134.128.123.92.in-addr.arpaIN PTRResponse134.128.123.92.in-addr.arpaIN PTRa92-123-128-134deploystaticakamaitechnologiescom
-
3.5kB 7.5kB 14 14
-
3.9kB 10.2kB 19 25
-
4.0kB 22.3kB 27 38
-
3.7kB 5.8kB 14 15
-
260 B 5
-
260 B 5
-
3.2kB 8.4kB 14 14
-
3.0kB 7.6kB 12 11
-
95.7kB 4.6MB 1972 3336
-
12.1kB 14.0kB 35 32
-
12.1kB 402.9kB 186 304
-
5.5kB 91.4kB 53 77
-
260 B 5
-
260 B 5
-
260 B 5
-
260 B 5
-
260 B 5
-
260 B 5
-
2.3kB 5.2kB 10 12
-
260 B 5
-
260 B 5
-
260 B 5
-
260 B 5
-
73 B 226 B 1 1
DNS Request
api.edgeoffer.microsoft.com
DNS Response
94.245.104.56
-
73 B 271 B 1 1
DNS Request
api.edgeoffer.microsoft.com
-
66 B 90 B 1 1
DNS Request
8.8.8.8.in-addr.arpa
-
63 B 144 B 1 1
DNS Request
business.bing.com
DNS Response
13.107.6.158
-
63 B 171 B 1 1
DNS Request
business.bing.com
-
60 B 130 B 1 1
DNS Request
www.tja16m.top
-
60 B 130 B 1 1
DNS Request
www.tja16m.top
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
92.123.241.137
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
92.123.241.137
-
63 B 275 B 1 1
DNS Request
www.microsoft.com
-
60 B 130 B 1 1
DNS Request
www.tja16m.top
-
65 B 172 B 1 1
DNS Request
bzib.nelreports.net
DNS Response
2.19.117.832.19.117.71
-
65 B 204 B 1 1
DNS Request
bzib.nelreports.net
-
60 B 130 B 1 1
DNS Request
www.tja16m.top
-
60 B 130 B 1 1
DNS Request
www.tja16m.top
-
66 B 196 B 1 1
DNS Request
news.share.baidu.com
DNS Response
182.61.201.94182.61.201.93182.61.244.22939.156.68.163180.101.212.103112.34.113.148
-
66 B 157 B 1 1
DNS Request
news.share.baidu.com
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
92.123.241.137
-
72 B 146 B 1 1
DNS Request
56.104.245.94.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
138.32.126.40.in-addr.arpa
-
73 B 159 B 1 1
DNS Request
228.249.119.40.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
137.241.123.92.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
83.117.19.2.in-addr.arpa
-
74 B 128 B 1 1
DNS Request
172.210.232.199.in-addr.arpa
-
70 B 231 B 1 1
DNS Request
edgestatic.azureedge.net
DNS Response
13.107.246.64
-
70 B 275 B 1 1
DNS Request
edgestatic.azureedge.net
-
63 B 193 B 1 1
DNS Request
c.s-microsoft.com
DNS Response
23.219.197.132
-
63 B 238 B 1 1
DNS Request
c.s-microsoft.com
-
80 B 198 B 1 1
DNS Request
nav-edge.smartscreen.microsoft.com
DNS Response
172.165.69.228
-
80 B 242 B 1 1
DNS Request
nav-edge.smartscreen.microsoft.com
-
69 B 251 B 1 1
DNS Request
wcpstatic.microsoft.com
DNS Response
13.107.246.64
-
69 B 282 B 1 1
DNS Request
wcpstatic.microsoft.com
-
73 B 147 B 1 1
DNS Request
104.219.191.52.in-addr.arpa
-
4.4kB 6.7kB 10 13
-
73 B 139 B 1 1
DNS Request
171.128.123.92.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
154.239.44.20.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
50.23.12.20.in-addr.arpa
-
71 B 145 B 1 1
DNS Request
206.23.85.13.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
21.236.111.52.in-addr.arpa
-
204 B 3
-
73 B 139 B 1 1
DNS Request
134.128.123.92.in-addr.arpa