Resubmissions

17/10/2022, 14:48

221017-r6y2yscbc7 1

17/10/2022, 14:47

221017-r6bxescbc4 1

Analysis

  • max time kernel
    46s
  • max time network
    49s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    17/10/2022, 14:47

General

  • Target: RFV05KJSTW093FGSQW.html
  • Size: 197B
  • MD5: 44a996bfd69170b3ab20fc34e8cf203e
  • SHA1: 0705154751a757b976ac23f852854205d153c290
  • SHA256: 629af1c59e3b773bccda809191c580569d2b3b01591dcfe1cbc13a6d3d17777a
  • SHA512: 2977e4ab10a6e0fc43302d2277a67850c6c4c6dda8d7528e79f4a47c80d0b161fc0add2aaaade122b0dabc3c635124dddae6eb36f227c91f039ef507fa379e7e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 23 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID: 2856)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\RFV05KJSTW093FGSQW.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID: 5028, child of 2856)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: df08ee6338ea21249c086d137a7c8e8a
    SHA1: 8c84963709f58c0959a41069088b18a44d9b1935
    SHA256: e56f9839411b377c8ed9627188f1e88e42434e0bf24084f7c0eebb714a1e50b7
    SHA512: 851d4aa3b218ee83e9e601baca06c1ee2457d278d05b303120411db000dc7b3b0ea9a06e9744063dd7692002dc35f537f86f5563e456cc650d50dc733bccdc36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 434B
    MD5: 985914bb3fffad6ad57b901feb754ff8
    SHA1: 2756d0127294d495b4e01f013d5695fbf80e89c1
    SHA256: c3daa9e135a6501052afca9a8f677234a130253ae832a789b7daed5f44cf4328
    SHA512: d087ed44d825e710063be177ef0bacb0c944cc5cd834a263149c3a0ede9eff011aa5eee2f0bcf6bc0d10bfe241af4b20c21e15b323ec40e26b76ab5fb522d7f6