Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

5041a56ca6...1.html

windows7-x64

1

5041a56ca6...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 21:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5041a56ca6ef3292a0d84b24575b1aa1aa7494769e75e62c326b01016580faa1.html

  • Size

    44KB

  • MD5

    5f306b47f4b9c4fea08b77484f71076d

  • SHA1

    f49dc95869f4299d8133991438999456336cf277

  • SHA256

    5041a56ca6ef3292a0d84b24575b1aa1aa7494769e75e62c326b01016580faa1

  • SHA512

    5e2fefe82a7b082cee7f8ed368f49bcc2bf50f4cf165cc6a374098bd6eefe40a0306089ec3a708740f2a602e58165a6fbe98c515ba4b58883879fc527017aaa8

  • SSDEEP

    768:znGflihhhhhhhhhhhhhhhhha6u2q3aM7g8+bGAZPWHsXHm:znGflxPqM7g8+brZPWHD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5041a56ca6ef3292a0d84b24575b1aa1aa7494769e75e62c326b01016580faa1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1884 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4396

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    6a15e3564b9eb382fe5534f59d6fccb4

    SHA1

    911dbc1a988c2d6816beb0c21c4ea5402253b884

    SHA256

    6b478c66c9a2024177d4a478ccea9a82f3162aa87a5125a0dc3750c920bdbc62

    SHA512

    2801f46d495eed08dbb10e73ccda4828faf4ef6b1ff3ff45ce8d73331e692381c25417d15c958f8c3f9c6932300cd0e66b1aad6bb5a92e2bf27b338b6d245711

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    af821d7dbe820da5e05828aa55c1d456

    SHA1

    46c69cbc2e856097bca6478f10a40cd58d4dd95b

    SHA256

    758ce8668dbbbce58ed5ac9086c0609efdb3bd38a5bf0860d18fd2d5797e6f15

    SHA512

    d6fa9b9575841202c19be0f469d8ec01bcd2a45c2b05e0c41152a5a5c1e20a747fe7ca71addfc274d1462ad768186a3758b03493b8f2bd709410bdcec52df8de

    Download Submit