Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    73s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2022, 22:39

General

  • Target

    510450b841820750db3a1ea7d9baefb07ea83912949b2cba28e0ca3d7bad1adf.html

  • Size

    952KB

  • MD5

    69b1c830226f8f4331fc7686ba2ef3f6

  • SHA1

    ada9bd1b5f293333efc00a1a554cb761d2c77414

  • SHA256

    510450b841820750db3a1ea7d9baefb07ea83912949b2cba28e0ca3d7bad1adf

  • SHA512

    cf3a94d582b349b4a5daeaeab2d9fa0a5199a19576bc4ac1329a85a2d784a1d4a6d2229d19625cbff39808f242da0f59d0f56d66a96b687574b220ef4ca12773

  • SSDEEP

    24576:x4loBmSrZ9+FL+U5bcD7wHpBlpLP7aT3u:td4AW7X

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\510450b841820750db3a1ea7d9baefb07ea83912949b2cba28e0ca3d7bad1adf.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4696 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:852

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    d4d443a25ea0e792142718c16af91a0f

    SHA1

    26548c59a5086269e51679a3dca3e7bd83daea28

    SHA256

    b0f96f3b571b7eff330f0109ab82447af0108562bf3937e530028d429adfd3b5

    SHA512

    7f49020d73b47a57fc14e4e3f2346b4b7595070fded5fbce9768310c8ab32837b3a4621f51d36798059df56317aca3e36ff4bbdffaaebb4dd921be5c9239848a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    434B

    MD5

    a3acfc8ed367571ab5986ca4ebedf654

    SHA1

    5b22b907b7b90e1ff231ad045593393dc25ab1d4

    SHA256

    644d359428055b2fa1e370a32ba44f09e0a629343ee05badec5b2d01142eaaa5

    SHA512

    9ebf275c2efad40d5d11e40b21b9c484fdd80ec4e6f146bcec83721c46be06a8fd7fbbf82d2b74c904550a676fd76bed1e6c9a5da47ac0ff65de3eb57a3dd381