Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

URLScan

urlscan

1

https://antispam.saf...

windows10-1703-x64

1

Resubmissions

05/01/2023, 06:48

230105-hlan7abb52 1

05/01/2023, 06:45

230105-hjjt3sef2w 1

05/01/2023, 06:36

230105-hc7bssee8z 1

Analysis

  • max time kernel
    148s
  • max time network
    142s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    05/01/2023, 06:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://antispam.safe-industry.com/invitation?lang=en&id=10bd979e-a9bb-4fe8-833c-7641709c42b9&utm_source=DA-en&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://antispam.safe-industry.com/invitation?lang=en&id=10bd979e-a9bb-4fe8-833c-7641709c42b9&utm_source=DA-en&utm_medium=email&utm_campaign=no-robot&utm_content=onpremise
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3844

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\45253D621EA9F2E0253B4AF8D44565CD_83AFB528BF9C65BA85B751A2959985D2
    Filesize

    1KB

    MD5

    f1a24f2612a3778f9de253189a6e4be7

    SHA1

    1b4497bc191fb65d5134a312842d46695cc7fd14

    SHA256

    15a67070e0296a6a532f15feb5a3e566d48e823daca0274dce7f067883e5c6e5

    SHA512

    7d3b68f481f15d1046bc9549d4ee565d9b2c7761f03c0b4894f997ce88a0c8884567d95bc74057a4cc51d57c2d282165fbaf9945436725c4996933aceea4706a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    99446fc0c7f7d4b12e462a96d9aaf7dd

    SHA1

    84c6f8ae5ee2370c549af11c93fdd27fd0edfcc5

    SHA256

    37f9bfa1c3e5af64ecd96ec2b31665edd3d62211123153fbe4d3339ff0556f8a

    SHA512

    fdabad9e26ee09498e38711e3466c5a5535a75d1525f2764bdd587742407e5e596767195089a3f6aafd49ec001d9137b571372daba0c0cec1149d42ef6f0f64b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
    Filesize

    1KB

    MD5

    0fdac825a48ee794fa044d489b4c0349

    SHA1

    d9a577a3aa8486c0cfeccee7de563692b87175a7

    SHA256

    60700aad17d1e07af4302ec899516c393f4818d91a3ed169cb55309d1f99f6bb

    SHA512

    fca3dea065fe110eebcdb7187bc38bcb973871caf4a49325c17dea484ecb79424226c27b8899917de02711dc88e59ff6623541b63f0301204072304c88f7c9a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\45253D621EA9F2E0253B4AF8D44565CD_83AFB528BF9C65BA85B751A2959985D2
    Filesize

    516B

    MD5

    f3951a6b4b5c6c6dff56b4388cebb87a

    SHA1

    b6a7398f096fd3af54fcf675ba97af8ee9333d84

    SHA256

    f4a2726c93f95a1ab63e2b65da157ae3deff511993830e872d1d31e58608c10b

    SHA512

    3c35000ec45a37292a0705b5e783f3ac028245c3841e42eb740e4c1cb4bcefa23e64f53b42493fabd3c8d50cae0b8859c29f42e19851135191e06239b6872c7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    35d70859be754cfb67d01f22d58e9748

    SHA1

    9d0994330d71cb14f2e11efb4f4983bf41cb3f8f

    SHA256

    dce16214529621df64d1f410b50af777d0a6ed9e3b4a210136f2324650f8a830

    SHA512

    0bc9cc834ab63b9ca2640e071b50b05a9d7d0e753be3c7699588ffa806f630cd61ddca20292e8fd13fe54ac07979375d3c8f933e1ced5d967133eb30127269d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
    Filesize

    492B

    MD5

    d04861a6e89cde5c3edfb5a55b12c880

    SHA1

    6abfb5510f56670580b1c534bde124b18e7221e1

    SHA256

    84677a504ea9762b1d91488b464f5b31ae1b91d0497417ad25f56e4f1b5dc035

    SHA512

    81b9503acccbc88fd42633b2e33040faa93a5390b77843baa817191b4038691e7eec001c1d1018d97466cd79ce794d0fd0eb4764a5745102ab3269ca7a6234f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\C7KJAF5Y.cookie
    Filesize

    615B

    MD5

    156bd53b67c2899c4899ecb528b75792

    SHA1

    3f5f51d0c5e6e92f51ed2de94479fc2f072695fc

    SHA256

    9286c76eee40eeaa33bfb7c3fbb41331054902929c1af9d125cf0df8997f5085

    SHA512

    749922d66e56bc60d538c6f6c20416477932930befadb835075a554a16451c62993d9cc6c955200abfc963ccd99f814e77d1a078f1bb1721df888d6c307b5f09

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\FY5SPAOP.cookie
    Filesize

    614B

    MD5

    221354f09f6004ed8704f7b3893ab69b

    SHA1

    735ff4afeceb8ed17d3fd277843354b89bb428d0

    SHA256

    d5a99294a604b4c0105217386323390c041ca89f9466fb5f6ca634a46b4c6cf6

    SHA512

    59993dcdd5e994928f80f09252630eac916dcbfc6db20b98b445d2f00082101bc1be0c4c8a47d535d2cc9b029f6628340fd5c384d08e7a48ed7ce15a76bfc2bb

    Download Submit