Analysis

  • max time kernel
    90s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    18/12/2022, 08:36

General

  • Target

    01a170821ca115137c3a8908b320e34cf670ac51.html

  • Size

    2KB

  • MD5

    b457bb5e1691c87ce42e2741814e00f6

  • SHA1

    01a170821ca115137c3a8908b320e34cf670ac51

  • SHA256

    641e83271acbd4319d3cc94d78c6ed44a8d64754e315e5d4dd84093a88a5c41a

  • SHA512

    8e336571df6a15979fe90c6c84ce64bf37418887d5dbca8dad6e5af2758b3ffeffbb2ae2cf679c46ba0fd514b0c67f5e87a5d7774ab4f9783c08693d2260da2d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\01a170821ca115137c3a8908b320e34cf670ac51.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4824 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4104

Network

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    3e8881458dd01d5ca71b73debcfec2e1

    SHA1

    12d892d5afb77ed8cd79cefe8926cfdb915537cc

    SHA256

    ba931970d8fb582ba5684b4f9d9520fdd83b6b2469c6a4fabf678ce3941b1521

    SHA512

    92edc6f90f4c1281d96ce5d473a8fd510d587a3d699c4cd507728bd189f6d19368202b8c01ef7ac6dbc6f8d5263736aee68e2d861caa59f4481c8133baa49230

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    434B

    MD5

    9b4cf90c8b75df2a8ed44e40fa6ff195

    SHA1

    a888f6d1c46de59ab81a94ee6ea74226cf40dd50

    SHA256

    8490da45bf35a898aeeea603fa5ab7faf8501b7552252f5a29656f667073cd66

    SHA512

    7fa3acf2532c70fc85ad4a126ecddf7db8e9e5e6a05c474a429126249877bd5bb2ce4c33be64769928e2de5f55a3977ace5e60d13a68036d17d863e39bdf2a05