Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

Claim_Copy...0.html

windows10-2004-x64

1

Resubmissions

29/09/2022, 21:36

220929-1fwnkschgj 1

29/09/2022, 21:29

220929-1b8scacad9 1

29/09/2022, 21:26

220929-1agbpscad8 1

29/09/2022, 21:09

220929-zzeczachdr 1

29/09/2022, 21:08

220929-zyvzbschdp 1

29/09/2022, 21:02

220929-zvwrfscab5 1

Analysis

  • max time kernel
    3s
  • max time network
    6s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/09/2022, 21:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Claim_Copy_4958_Sep_20.html

  • Size

    744KB

  • MD5

    ddf5dcbc26beb02424101daddcb156ea

  • SHA1

    ae8a95ddd3e694b2fa182b37bb56f9fbe27c61e6

  • SHA256

    2468e9a24b9683e210b96542adf891839cece4418d1aa45b7117576971659ac8

  • SHA512

    20a20b48df3e7fb93ee71f582704ae733c00616742f7b03ce063049bae77168d046ce315be874b0a4197553b3bf358107e044ad37592cbbd515cc192b8c04794

  • SSDEEP

    12288:z6hZWwP5NgzdjT+Wnt4mkZK8uWpD0humBbEAEevW:u35SzdjT+1RZK88gmBbE5ee

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 11 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Claim_Copy_4958_Sep_20.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2040

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    a042902dbdea921b2f46c7d0198c9ccd

    SHA1

    c8deb19ba5d251f44c2bbcbf52340123bc9f1da8

    SHA256

    abbd85d1c316255702f6a692c549a64ede98dc77b2db39c562ffcd34002345b7

    SHA512

    9a4863916f16fa2636cfdb46d7403b0d263db0b155c13264c9f95bcf87122fe5659edae41f2fb6cd7a440e0073c1a66fc12e65b1f9a6d7de3bb6825e0e6c5d9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    7eda9b82fe403e62993192dd9a6b134a

    SHA1

    07fdd52602a933455c745f4a95bdc9ec9ab3c0cd

    SHA256

    c82dd87ea91d554537feedaa9e07565635a8945a14242b57eea85664d4508e71

    SHA512

    ec1f49ecc2cdef1b5f91550ff04e25798a27eab439200abeb0b93867a3ea8e9fc494c47bd03d622014c1e23854b04b608c127dfdf9a5070ac67c55b1479e2b1e

    Download Submit