Analysis

  • max time kernel
    144s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/09/2022, 02:29

General

  • Target

    d.html

  • Size

    3KB

  • MD5

    d879356e9a4d4be1c2692fbc85635740

  • SHA1

    79e584931ab41b0d984e9c13e6de003e37ac986d

  • SHA256

    5ed14da1f62b449a2c0bcb0da1fcb3c6813b3f66782285999b358cc1933519af

  • SHA512

    eda1c5d3a12d082803adf6bceddd3ffc254a7c33e7e5a3950c38c919eb51d215ee6a2424c90b07aa19b6f98f0397ad0dc7886ecb2cf38e9408158d87a011b028

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1116 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1788

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    340B

    MD5

    244762609cabb7961d4f4dc600283a20

    SHA1

    b1866230ca43932ff01af0a8cda1d7518947bade

    SHA256

    e936992fd33b9fd52d64f7f25880bec0ca3af5fcf68c3efde717837804d8431a

    SHA512

    98947378505c8ce4e5245b6a4f04930c89b309e6d6905354a30e03771a3fbea54d21d95fa69dd6b83280bbd458e0a7aea8e340aec337215b16390da83e1c7130

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\LW1WQYO0.txt

    Filesize

    608B

    MD5

    ae7ad5dd51214281b7c6ad12c7d9404f

    SHA1

    d6d903d07953d6811b58ed295386173e80f79119

    SHA256

    92a01298e8bb151c27e4105ed262e0ad1c35deef8b4f6f5acfe58e947f837a86

    SHA512

    1678e1fb892aaf24a8129359fd560243ae952a26a39b3a366849517dfc09c1b7d5eb16e39603188c4f586e2f77664038f40bd2df9ce8883704b00c9e65759123