Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    60s
  • max time network
    61s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/01/2023, 11:53

General

  • Target

    http://consentcdn.cookiebot.com/sdk/bc-v4.min.html

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 32 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://consentcdn.cookiebot.com/sdk/bc-v4.min.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:680 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:5080

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    ee0a37a05b705a5f66ebdd61da30b479

    SHA1

    136f52350f4f9213cd7a3062b4143b64a54c9549

    SHA256

    11a400393192414706b8051b4b37f3ef76d81885d41e0259d17a1517c2ccf56f

    SHA512

    c724734022d241f608b8b9515a6c1c87b4899f2d2dc2ea637a6c2acfabf7f00864bcf4478359f9ac5de31316046151e25eca389b8a9d136d4d84fcd61f9670bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    404B

    MD5

    7a28029d95433b9ba441dfed522a5fab

    SHA1

    4ac56f91ff72d50cd9c4c0f001be2d8ea937ce77

    SHA256

    9bf756d6ec789ce508be8fd6248e619bb8f2a1ad6f6c30b453478f34bab1d86c

    SHA512

    b1b13af375660852f280da6054602c9e1349c2f067a9a8b1640308ef6d14dda4b78201498e03d2a3b3aa5c5544024343ce13aec8172116807aeea88a0ae18b06