Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

URLScan

urlscan

https://www.klgrth.i...

windows10-2004-x64

3

Analysis

  • max time kernel
    42s
  • max time network
    49s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/10/2022, 22:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.klgrth.io/paste/rb9uf

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.klgrth.io/paste/rb9uf
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4268 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:5004
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 452 -p 3916 -ip 3916
    1⤵
      PID:3276
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 3916 -s 2472
      1⤵
      • Program crash
      PID:2312

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      471B

      MD5

      77a5fe334f666d4abee341d464457838

      SHA1

      0e31de696f343cf8565ec3de87a236a66a8b5d64

      SHA256

      bb07254543e22422027fa5f3c7af9e2b5a6b69bf6925fc1ecf128cb27e9a6dd0

      SHA512

      50cfe44a977775350ed5e98e39c21b2d43321eabd0f4dfbdcf2644f41d8c6fde9b96e480a34e4665c021a315f4db031e90f3d84cf46ebecc5161032a63da74d0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      404B

      MD5

      5408bbaf1a22093601c78296f5645fd5

      SHA1

      4a49d35ca8cc2a7b29ed2bb3d53654f91de02481

      SHA256

      88c2760d94550df4f7e48f898298b841c4e1a4e9d101ab10098e8fed20ca6e95

      SHA512

      27471de0880813a0e80f922135f73c367b6447b030e5cddf0310a4724e4a229bff5e430a2c26e40dd09f5c566d16e82b00b10ae966f6133a46448c57a671705c

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dqptnfu\imagestore.dat
      Filesize

      5KB

      MD5

      6efb2b617295be83898329c094afe767

      SHA1

      d8134e26bf743d431dd30bf0d8cb447435761f31

      SHA256

      ed73b75c930025d6f52694952ea77cf5ca41de821c9201c4dac2adc4b602b794

      SHA512

      85f95f817cd28eda0ea436843c6318fda46aa3c228dabf4ff5fba05f223cabcfa43af4e14700f221e7d9688e71d202d33bb6fab1222a9949bacfcf966184f07c

      Download Submit