Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

URLScan

urlscan

10

https://cg01dos86kr2...

windows10-1703-x64

10

Analysis

  • max time kernel
    374s
  • max time network
    436s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    13/09/2022, 18:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://cg01dos86kr2kfut5mqhaemjhidv8g7rr5l9ehll5vempu98t6mfa5g.siasky.net/?_kx=vTIPy2K0mY5ynYi-htrNCPhQFCkzF14ihGKH0x1jZ_4=.RGBj4d

Score
10/10
phishing

Malware Config

Signatures

  • Detected phishing page
    phishing
  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://cg01dos86kr2kfut5mqhaemjhidv8g7rr5l9ehll5vempu98t6mfa5g.siasky.net/?_kx=vTIPy2K0mY5ynYi-htrNCPhQFCkzF14ihGKH0x1jZ_4=.RGBj4d
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2616

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    ec8ff3b1ded0246437b1472c69dd1811

    SHA1

    d813e874c2524e3a7da6c466c67854ad16800326

    SHA256

    e634c2d1ed20e0638c95597adf4c9d392ebab932d3353f18af1e4421f4bb9cab

    SHA512

    e967b804cbf2d6da30a532cbc62557d09bd236807790040c6bee5584a482dc09d724fc1d9ac0de6aa5b4e8b1fff72c8ab3206222cc2c95a91035754ac1257552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    e2f801ed2060ec1e524a22dc90253bfa

    SHA1

    c034d16f7336bf36a27d04d33e3bdc08e5eb5043

    SHA256

    2af23b59f601caf27504de53a1d3193a4bdcebf2cb8f2f99b205d69d2c18cfe2

    SHA512

    c3421e084fc0652fc538cbbc8723585ae1d59260ca643ed906fbcef1b826433ac5a883fa181bd119406cc55bdcc1f29120dce2f0ccbb55637f6cefddd32b6f5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    2d0cc7cc756948e3f1ed2fe9fd5925f9

    SHA1

    3157cee03afbee630c96ead7211b9ef83b7283f7

    SHA256

    2b55e1515975a595c3c1cd2c723120b6a57b96b44af53ccbe48102f2fa4846e6

    SHA512

    a8078b3cf36b2f1eab52d3c8b22e3c52a7a9aedc0b2a8f05c0fcddbe95442dd176000a99b1a8363429bbbc09831b06dcbe31c21c135a734d8ff0cb29099bca15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    d4c6938c803e380aa3d784e27743d6d6

    SHA1

    46b0f63195561adc6a49b24a79a37d2d96e211dc

    SHA256

    c73edec3b75ee4252a5af7b937e479a8ac248e928b83b79a8df15498c5ffb6c0

    SHA512

    e01ce294a70ce8ac1b2ee9a2208d44098acf66e4891b9fa31b3b14953658352838a9388c0189f22d8b009e4dc07e8dd93274ca38b55b18637af6b107c1c65be0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\231CM4GM.cookie
    Filesize

    615B

    MD5

    f7516d2d82d2a5a55d05f45337a6cae2

    SHA1

    eeebe3b8a703c85e0e809d21b7dd5acccf0c4792

    SHA256

    989facc93977b8af8f1f44339425b415c8919e097c9abe421e8a487078e27c56

    SHA512

    f549472fcfe91eff9928dd5d4717fb9bc6387525d133e0f89772d1da56953020ffe26e2b7025a742f9b077e5ee0c4c7fd2089970497cb4e586122ffea5922a93

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\37SW7JII.cookie
    Filesize

    615B

    MD5

    2744c3e1dba56b41428020072f2e8408

    SHA1

    3152b0fe88727a5836076646426d1fdfc867e20f

    SHA256

    b993eea9cc95b600c0b151078c08ae3060391b5e2c7b18bfc6fbd0409707613b

    SHA512

    a082132c9e1c53d6bc7e7abd8a95ebfa4ce886d7535799fe16c21fd099e5ed3470e3112faf6b7f9a794595419cfa7ecc3c8725d1fe8fe9bf0c849b7c72f9ba59

    Download Submit