Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

URLScan

urlscan

http://we.tl/t-ZRlwh...

windows10-1703-x64

1

Resubmissions

25/10/2022, 00:57

221025-ba2vzabbel 9

19/10/2022, 05:41

221019-gdw2saegg3 1

19/10/2022, 05:38

221019-gb4c3segf5 1

19/10/2022, 05:36

221019-ganw1aegf3 1

19/10/2022, 05:34

221019-f9raqsfdbr 8

19/10/2022, 05:29

221019-f6qj2aegd4 8

19/10/2022, 05:28

221019-f6b2msegd3 6

19/10/2022, 05:26

221019-f45wyafchq 6

19/10/2022, 05:10

221019-ftnjxafcen 9

19/10/2022, 04:53

221019-fh358aefg9 8

Analysis

  • max time kernel
    59s
  • max time network
    63s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    19/10/2022, 05:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://we.tl/t-ZRlwhHea1p

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://we.tl/t-ZRlwhHea1p
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2804
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2804 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:348

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    460fe13d503bfbb113c3ecee607f5a31

    SHA1

    52df07ae073bae09b9093fe2c60ccbe7e8dc47cd

    SHA256

    dfd7a4b3a98874808e3623cf75216dacd47b4389916e0faad7e0ed289743ce0b

    SHA512

    383f29a13884ec9268eaba1ee47bb73243ec7f4eabdaacaa77bdb2de2b0cde5f000b7ea527179c75cfa30666a06a9333268e06b4cfbef91f4d2b82c119818d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    Filesize

    1KB

    MD5

    72a5c7d1a5daebe9bb89e2beeef917b2

    SHA1

    b6225d3c969ccd3471b19573561347365e6ebdcb

    SHA256

    27c0a0b9194dbf031090f992f973a6d9914df1b748cff43b765e0eb00acd182c

    SHA512

    eab664fbb48a7a802515d9dc90ee7b40f92314686955ad1cac13bf3d3909305ac244b9d1cf0db678b1ac133340509ab235e126fffa0662fd97c82373c537601e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    Filesize

    1KB

    MD5

    118988f47da9a935de21b5d853c268b7

    SHA1

    7a2bab710c6df8291f4a13c6a81422a61dc2fb1b

    SHA256

    7d2a716663443f669796c9baf1589ecd20115853784907cd8c40cd4c99f838d5

    SHA512

    802cd9ac2fbb3175dcaa17d3e989f27064ba776232da6fe2151457e87d13d536e80618c292e7fa202a39b6a292e5e27c8066f92d9405794ea44157042fca2eb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    Filesize

    1KB

    MD5

    0883c9db20c44dfcc173e2bf63dec5ec

    SHA1

    a4b948f7e04bd3a6c7b0fdad039f131806d507c2

    SHA256

    327a3a7373a495bbccef9ea75ac87eb9455548a3fcca6f0ecffd1c4b08f111ca

    SHA512

    6dda9e0afd525ca65817f218f3a0206e905257a3d59745752973434963789d71c8988c18829df240bc1a100bfb202c1b2b22ec6653f43f87d7b0efa2a3d7624c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    269eae92ad602fa4008e8f812c26584a

    SHA1

    63e071a0561e555a1e996883240a6d85a45f2c69

    SHA256

    5c2496e7a1daf6c5ba3593b4bd92cb0aec3b8dec302027f4d9e372dd56c9af3f

    SHA512

    ea6527a3edc826e8f703fc573fac08c905876d3940d4a91f692e97546f43598693b5cd0cdf3dfe0d284f8385549064776cb08b893bc8d2067a66bad636da3b58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    Filesize

    442B

    MD5

    ba9ced4e47f75ca62573bf606231361c

    SHA1

    859341c52f6b48060f3f9c5c1604a58a88acd8c2

    SHA256

    c5107f11d00036c356f5ed384ee15c9dc569de1df08ddb1cab9fc43bab1e46ba

    SHA512

    260c2c0c5f8db5f7301fc6b004eb2844eea36d56add31ac0ced62cd778010f5659e7d3544e0d3df50d5d8e266d6942e2a7fc77194e269710872251e88abe59b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    Filesize

    458B

    MD5

    e4e4a3b1455adc808fa5a3350171a8cc

    SHA1

    6585fa9f468096b975e27733bcf5a4510acae89f

    SHA256

    aab77fc0c7fe88499b73c75a29a39a08d0f22e0083aba871c68be0893972d40f

    SHA512

    9327fe4352a2c1cbbb00131cf192531e0f72206675ceb56cc1ed5a031f4a3ffbde7d1749e935c595ee6bbba2e1f6675b3cdec82b3822bf86f9d5d63ddafb8fa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    Filesize

    432B

    MD5

    6613184fd3c2c4a748ae68ccc3202d3a

    SHA1

    495beaf7a2d739e3ebbac50b9d2603168d8b091d

    SHA256

    3f92f1affc93f53dec4fcc0b0797d2bc1297a1ac6d6fe690405d042ed29e44ee

    SHA512

    84755b164a574aa82ef2eb3dfb2b9eb1ae04fbbd2d1e56f4d83a6bee0cf164fccab5151920db540dc6128b51da7a23982efb1cd9fb2d693d505b9bd8b1c7abc7

    Download Submit