Analysis

  • max time kernel
    136s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/09/2022, 11:10

General

  • Target

    c33c23c7d92178521e6493cd2e7f272fac7739df21c400c1679d429aeb7ddd23.html

  • Size

    94KB

  • MD5

    abcd51d3a69bd7fa9ccca4d6c4caa0da

  • SHA1

    2e413b7d0b4de435cfb28f99954e74195a724d27

  • SHA256

    c33c23c7d92178521e6493cd2e7f272fac7739df21c400c1679d429aeb7ddd23

  • SHA512

    41c22119a9af61e468d4a2e05d0545808edbf9999b2822117995fb7772057e5cf3d01df418bcf4a3dabf85addc630b6a0e1c4f3ed161d3e79def42999e38784f

  • SSDEEP

    1536:hcDJHH2whtVNibtjnU0ZaakMEvdVKhAz7odchvMRtNkMP:ONHWqUbtjnU04akM3eHodchvMRtNkMP

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c33c23c7d92178521e6493cd2e7f272fac7739df21c400c1679d429aeb7ddd23.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2028

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b12a7d349ac3fcb5bec4b6f7ec4d3168

    SHA1

    5c3eb478f57550b0cb919fb6c13d00101b92488f

    SHA256

    07f3509ff84a31bc12533d22e649c0756e5f5f4d0c8ba985134a45a704953383

    SHA512

    d5062dda0a9a7fccc3bd19141428916ef19d1bb9ba3fcee59f82d9ab0e388a51ef145ebe7f6d674a359dcd2271680b041edd9583dbf54d7a897f51eefd3ae5cf

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\I4X105H5.txt

    Filesize

    608B

    MD5

    4cfe4972d2742bc98d9dbea6ee6fdebb

    SHA1

    12e465fddb5355855ea1245e3edd8450025e72ab

    SHA256

    5e7f95e67173b7f539193883ddafbc28bf2be01b686e98a4c00074f3a5c6a180

    SHA512

    38785332b6143e4d59e67d48497eabc36ecf7724915bd1655c7f6edca6305b2529e01c741c4683a566c1538b1c1f51aa659c7944b1e98f939cc974d8ca2e0a1e