Analysis

  • max time kernel
    281s
  • max time network
    188s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/09/2022, 22:17

General

  • Target

    929635aa1d7399793a94c86598581addee1936a62447ec6f60eb23a254f83f67.html

  • Size

    6KB

  • MD5

    5050d6ee596024d6278bb5d9a9160701

  • SHA1

    27f0f35b39e40ad2786556a25189f5ebebc7b789

  • SHA256

    929635aa1d7399793a94c86598581addee1936a62447ec6f60eb23a254f83f67

  • SHA512

    9df19ed4b2ccb84dd96bcb1cc9dec0b23a35dbbb988ea270e9e3f230f2c70c40954e1e073744d614f98fda4d43dc34e4d1817f7752de865fe55fa3c4e76efafe

  • SSDEEP

    192:kCgUXmXbXqW0N0v0CaBz0wY8yr/kf2jRnQ5/e:kIIr/kG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\929635aa1d7399793a94c86598581addee1936a62447ec6f60eb23a254f83f67.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1784

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    340B

    MD5

    5754285e8f228f477dcc767aefd59117

    SHA1

    c301a8f77d44ddcf15365f5ae01e7e2596658550

    SHA256

    fc8cc3c1b269f345a1fb0abd3ba55b238bb898793f7d157b079bd87111632d8a

    SHA512

    54181aa24e4d76091c8b2ec1d8cd8865af6531e9ca98c48747f1e1fa12cbb5e2d25b8722b360b7479b96b2c65bda308cf47a0176f407281c34a7533c049a2d99

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\39KMH6XH.txt

    Filesize

    601B

    MD5

    92890062d9766ce0719e10696619d9a4

    SHA1

    0f580be203d820cdd6c4faf152daa0dc67c29db0

    SHA256

    2ce741903b01bd596a222cb262823cb6007ea0896bd1806a8b379b598246acb3

    SHA512

    fd85809269bdb4734f23552d7a85744f615d28d6864d850d804595b708fabdd0830862727d88bfec5cdb736a42eaea7ebec768dc88a571dd52f983b0913b4ff5