Analysis

  • max time kernel
    194s
  • max time network
    186s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/10/2022, 22:18

General

  • Target

    fe6d087e1e064aa3fa0918324c0e6ac2a179c61232c06ad8c2a0bf33bb024d73.html

  • Size

    6KB

  • MD5

    0fed01b08fb041aca514f60b34f30cb0

  • SHA1

    6367001f179967be822f2f8f29dfd3f2564b3fba

  • SHA256

    fe6d087e1e064aa3fa0918324c0e6ac2a179c61232c06ad8c2a0bf33bb024d73

  • SHA512

    8a5502701fabb6a20e15b2a3463e8e8aac58a354453af861b1dc95a3c534d6373bc06a997cf174f633ee7ba434b1270ec9e5233ecba5c7f97120cb670c60670d

  • SSDEEP

    192:uCgUXmXbXqW0N0v0CaBz0wY8yr/kf2jRnQ5/e:uIIr/kG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fe6d087e1e064aa3fa0918324c0e6ac2a179c61232c06ad8c2a0bf33bb024d73.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1044

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8b7d0efa4804b8644fc86f891584101f

    SHA1

    3b4e7ed01340fe308a1697eb69fa7185af5f135e

    SHA256

    aa35e41da326d8bda00d4c703fdcb0476ce56e3094744bb91e66f424c8ad8c2f

    SHA512

    bd4a5a791cf88d39e0cc10b57323c7561690ed8db732f6a9f5397f129f9754493a8092bcb89cf257d53b051924dac311908ade0d065267e33dc4747ba0f93671

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\DRC5LBCD.txt

    Filesize

    596B

    MD5

    bd9465782d72f60f90df3cd9d4289a2f

    SHA1

    44dadfb8a2b76ec43ba58e3a3a781c8f58e76c8e

    SHA256

    46143b24c60490c729a8d81fd0b2717bf1ca71a119770d6ba6171645c26af9a1

    SHA512

    837739ae81eaddd527d7dde09ebc8fac81ef10a6cf38bdd66ca661ebf26c7a47acae0b26930a9ce8530ba13b6e0156b569b6d2857d6296b78fa7ad3b9111a63b