Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

26fde1eb-5...91.zip

windows7-x64

1

26fde1eb-5...91.zip

windows10-2004-x64

1

ProgramDat...91.xml

windows7-x64

1

ProgramDat...91.xml

windows10-2004-x64

1

Users/kmla...on.htm

windows7-x64

1

Users/kmla...on.htm

windows10-2004-x64

1

Resubmissions

26/09/2022, 19:00

220926-xnpnfsbgd8 1

26/09/2022, 16:07

220926-tkzsgacdhq 1

26/09/2022, 15:41

220926-s44ebsbca5 1

26/09/2022, 15:29

220926-sw34lacdbp 1

Analysis

  • max time kernel
    150s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    26/09/2022, 19:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Users/kmlarsen/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/W4YE5R4Y/☎️ Voicemail Audio Transcription.htm

  • Size

    13KB

  • MD5

    743bce526b069f0c70069210fbf399b1

  • SHA1

    884b1d100def065ba2964f81bcea919a44a3a2f1

  • SHA256

    2dbd2d653764003082326aacc9b1267075039f95446517cf6560a74785828e16

  • SHA512

    e0b79bc1cb7be72282ce7373957c1af7f3e2333efe60b055a0acbb3fd6563da7c39e1a0520597797f99d7f28b898e19f2957103a67cc954c549964fac24c26eb

  • SSDEEP

    384:KbcrRYCh//If1GdYxNAPoIIklxYq/KxnppHltlfKRLWcwgWwaThTZbKob7/:KbcrR95Qf1EYxNAAIzlxYGKxnppHltlj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Users\kmlarsen\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\W4YE5R4Y\☎️ Voicemail Audio Transcription.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:799764 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1548

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    2efa986885f04a077f41620dd1da71f2

    SHA1

    0cdc31f84065e79b8f3ef60ba995c8625e76afbe

    SHA256

    1f5f462a3f20a2cabe893ed677d8371f89fce98621292e4d7a4a4ca2ca4c7802

    SHA512

    b4797e752860c53ae794425e2f65e1cc4cb08c65d7a49b216846385a462eb7b8dbab17cb91dddd6ad1189b2d24cdba6b88259f41b7be555b12891f28aa7e886d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    ec21d7b0db946b7ecab4c4ead789e338

    SHA1

    b708c1a90566be72204ed5340bd05d7224e51403

    SHA256

    e15133cd7594e706cf5141df1a4780c26e101c85c68262346f91b38d546cd47e

    SHA512

    d34772501233d31566db776e19b58a4d5b0ee4a76613ac0e9960edaf42bcda35af3d83592f71cb53a1ef9f428ea6e67e0624bd1c84d29f04c7a360ffbc03d1fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    5a11c6099b9e5808dfb08c5c9570c92f

    SHA1

    e5dc219641146d1839557973f348037fa589fd18

    SHA256

    91291a5edc4e10a225d3c23265d236ecc74473d9893be5bd07e202d95b3fb172

    SHA512

    c2435b6619464a14c65ab116ab83a6e0568bdf7abc5e5a5e19f3deaf56c70a46360965da8b60e1256e9c8656aef9751adb9e762731bb8dbab145f1c8224ac8f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_D29849B2B3CC9118078AA61A670027D9
    Filesize

    471B

    MD5

    bfc8c650e23854f708a3dd54fca4393f

    SHA1

    b54c061cf5a5306a68112d403471914e839a68c8

    SHA256

    84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

    SHA512

    df3124c351ec41e546f271608977b4bf16cbd40ac9b33f66fee45a4feebb00721e517294f68183cf6d840cf6f24ca2dad3629638dd18011509fbf69d754b11fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    f7f8e71acaf8e206499a4435cfdc229a

    SHA1

    d60abc6fc0b22343c0d4b3ce67d20c66e2240d91

    SHA256

    7bca403253768b59df356b80c7c0aa727f2b4eff27ff965dd9ccba35a2c42713

    SHA512

    7c67eb117e4ce1137213e78f4a23af7fc26493767a3b5a4b0c3ae9fe166b073c073c05eff99e015f36de8ab4f20b4d1b4dce9167a87400cff390cdda951a06b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    49ff64f74295a4f9cdc71bd40632734b

    SHA1

    d5f461dedf968778071a034b2358ef74613681c7

    SHA256

    3fedeb24fb32c3ba4d5634a012f7693c6d885467a35850e35102efc3d7f33f36

    SHA512

    32ab7b12405270645e9fbf0943feec7be494776a8624ca9f517dce330d0c3d0aec8dbb7761d251f44c8c985f8ccf8df8301502e8b63385af85cb9cb8c0d544a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16df99f0de2e238f561dcc25963f2dd3

    SHA1

    9be145d124c453991b8655b3c4d44ee4a44ade0d

    SHA256

    aa1afaca188e7d710333e4997419ec9813642df556a3e9eca7f18b1b8b524ac5

    SHA512

    1ddaf0a02682dd2c0adcd2d58d3b529c4363173970182592979f9d1e892376552b7ce371f2bf119eb16e897ca22de7f9c57dde555c464c58e47f7ed86030a701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    55225296bdca8499eaeaa2a16f6db70a

    SHA1

    b3e9b0428a73ce42829acfd04d5192d9127c766c

    SHA256

    ce87f7b7838f8038f1062e6a1088d6837718fedcb710c07781eccbe12b9cbbae

    SHA512

    08d523cf1d2f9e5d9b0079929926f0bc9bc175e498788c50e7322be0884d16b2c66cbd0dda4afd2e6cf3a8b8d0ace73dc7fb27064f035cd0730a6e6974620139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_D29849B2B3CC9118078AA61A670027D9
    Filesize

    406B

    MD5

    92053428ec6ee12957bd03b6da250bda

    SHA1

    21786697224a415848529d0777e18b53e5be665b

    SHA256

    256e1dd232573996c0ed08549bbcd3d20371b498e1c0948b0edcbd38f5e1830f

    SHA512

    996b69d143fea80b43627b9133ce1848808974afc61e85d7b606055dcfbecbb5504e70496044d434f417c6fe588a6778bd960aa234c56c751a9b8e5105619f47

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXJIW9HP\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg
    Filesize

    3KB

    MD5

    ee5c8d9fb6248c938fd0dc19370e90bd

    SHA1

    d01a22720918b781338b5bbf9202b241a5f99ee4

    SHA256

    04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

    SHA512

    c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAR9OKL9\2_bc3d32a696895f78c19df6c717586a5d[1].svg
    Filesize

    1KB

    MD5

    bc3d32a696895f78c19df6c717586a5d

    SHA1

    9191cb156a30a3ed79c44c0a16c95159e8ff689d

    SHA256

    0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

    SHA512

    8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAR9OKL9\jquery.min[1].js
    Filesize

    86KB

    MD5

    220afd743d9e9643852e31a135a9f3ae

    SHA1

    88523924351bac0b5d560fe0c5781e2556e7693d

    SHA256

    0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

    SHA512

    6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4TAQ562\converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2[1].css
    Filesize

    107KB

    MD5

    ce26137fc0d9b7d7a0d52ebe3a186512

    SHA1

    b9d7fb3fe7d08f46c2d1153bb47b13809375c663

    SHA256

    1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385

    SHA512

    6a189c0858a150e6388648895b1950ef31284ea90795e4d45fd7e53f35aa364e49473367fd2142552a145cfc48ca89d8cb13b4f1b9039e050cf4e70026393e0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN60M0QQ\arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410[1].svg
    Filesize

    513B

    MD5

    a9cc2824ef3517b6c4160dcf8ff7d410

    SHA1

    8db9aebad84ca6e4225bfdd2458ff3821cc4f064

    SHA256

    34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

    SHA512

    aa3ddab0a1cff9533f9a668aba4fb5e3d75ed9f8aff8a1caa4c29f9126d85ff4529e82712c0119d2e81035d1ce1cc491ff9473384d211317d4d00e0e234ad97f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\B4ENVSTS.txt
    Filesize

    600B

    MD5

    bb0600557c7d6cd70a0bae7ed6009f85

    SHA1

    1b93219791adb65b034212fd4a7d2051d6cbfc65

    SHA256

    f29fdcb4eef1d546361560cc0470eed67a9bf44b3e737a3f21a6dfbb5ad1d0aa

    SHA512

    9a523488d592eff7b3c830285374f7db55e9c24ae901ee5f7044f34ac38b5c38c7737ae3612f45107fcd801af7bb69d6512559ea95c3538db809ae11502a5bdb

    Download Submit