Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://www.mediafire...

windows10-1703-x64

1

Resubmissions

08/06/2023, 00:43

230608-a232nsad4z 1

09/02/2023, 04:05

230209-envwcsbb5y 1

Analysis

  • max time kernel
    247s
  • max time network
    251s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    09/02/2023, 04:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.mediafire.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.mediafire.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2796 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4680
  • C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\SysWOW64\DllHost.exe /Processid:{7966B4D8-4FDC-4126-A10B-39A3209AD251}
    1⤵
      PID:3612

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
      Filesize

      2KB

      MD5

      88c1baba352577878a6c51f9ef6523de

      SHA1

      5a2e09c7386f4e2aa1a1fa42708566fff97fa59c

      SHA256

      582345ce77a9dca1a30e0f55591fb2bb1bff51ea3f169eb76afb6914fabd5029

      SHA512

      fff3ad502996c43af8c4518fc94364c2a7ec74f27af01bd6e0438cb09550679d7c02b15735231c4414935dbb4398dc6238101de4898351fdbf06f7d381fddf62

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      471B

      MD5

      2897da34e63dc7264119c1358edce0ae

      SHA1

      05ae97dc53f07ac4d0e98aa52af47863191a0197

      SHA256

      357487c69e685e8c74d3aae7995be2092b33b991b5232215146b70a91589bca2

      SHA512

      fc8d4a3934f90d475d477b671889638ea860e213417f5195a15da9326f5566e887d46321621ced75c2bd1a2eaa0f34cfe8762b7e55d5ae1f15c19dc869f70935

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\829FFB0DF47C9176229E32D6295F5F71
      Filesize

      472B

      MD5

      5abe016e431fd468d06f218dca0631df

      SHA1

      e1303a429c55501fbf509ddf53a9da8c6f515b66

      SHA256

      82c49a4dc5ec98f9814ed7664587413eede77cc37763bad7da045d26398588a3

      SHA512

      451c478bb9c54b254a3dc021beb47e822f5b42cf766b08a205deb394af0374edcd83bbbb8d3eb8aea641c4757590ff737775a010dc86d64e5224cb40d2083b2a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
      Filesize

      488B

      MD5

      4f38e34134f33300879580bc41e435ec

      SHA1

      461303dff8e1092ab214eb7ff26db0d501e67468

      SHA256

      fafe59ed14062db68e43058d55cbbd7f8574b7b13682cafd4bbd6431fa389a54

      SHA512

      532cab7265b5ee729768fdb2a2e4bcb6de8a1e1bf5ac807372b75c2957d61970a9c04dc40795ff4f5b47d2e454ffb8db84425a59384db7e8e7bb15305036a452

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      434B

      MD5

      e1a695acc2aa48c343b257ad74862d14

      SHA1

      9fd064cd9ed80a7b6dc4130f34726261c31292cb

      SHA256

      f7d1b5c41504e0fd64f8f9a465aa28ebd74a67428994b13fe04e9f9a8604b77d

      SHA512

      f06759a3a952b3c4c96070fcbe8e5438ff74989e046a2a96eb4482aaddc3d73905f5d0a150eec1c9eb787328601323680ccac00c0c4b7e494d3cf2e023bb0707

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\829FFB0DF47C9176229E32D6295F5F71
      Filesize

      484B

      MD5

      469bc84768a4166af57c37df416fb934

      SHA1

      f35b1aa4da588d93956e9e884ac8b02b54444f74

      SHA256

      5fb117e598c45f7188942c91818eae037832814841353d5834174dc4c002d394

      SHA512

      528e924cca87ee89720ae2dbd9c9fd42a3c240eb3ea9aa669c4c7b0f9efdaca3cf0fac45072bac6a75c63776f4cb763536f611774f46ed1139ec9d5b2bfa4f8f

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\3ME1RIIP.cookie
      Filesize

      1KB

      MD5

      dc644b446add5db8594ca897d6501062

      SHA1

      0d17571db2607c2b7ef26fe82bf6b82c79298ae3

      SHA256

      108270f855342580d07001f3fe2aeb3561c55da727784dd59f60932e0eb97838

      SHA512

      cb0df9134fbf7caf2e6ba8b3a3fa416f6075cb230f3a62527571ae99fb92de4393968c5b881ebb536d06441dff5d429f7794044461c59fc1530edc0adf0df157

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\AHPA6H63.cookie
      Filesize

      611B

      MD5

      566ca57a654f4719fe319b07aab4129e

      SHA1

      f68544fb64cbf07ca6ac00d2c21b9a2388587b18

      SHA256

      599b102f6f71acb1be105546a912301f8845c20093b8c300d7bc66dfc4accf22

      SHA512

      a841aa9c3a01107449d22de79c40c874599ce8295a6867ebe103eb6f3a06a1226fded0be4a9c99f5fe4827b5410c54f5ada095c2c299eaf14c443886a82f2d0d

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\RT6QC23U.cookie
      Filesize

      1KB

      MD5

      b9b912f252089c9adfe25d021c3db3cc

      SHA1

      4227e5b9122598ac8c7a3ee48dd363a8b024cbc9

      SHA256

      dc0058a473ca04ed59a1c6f534a40ff1568ae549b93092ef6fecda27692a77ef

      SHA512

      ceac63bfc2650a1ff2c15bfe3f4cf7ea2f791ecb0d22f700780c2d51220f78b36304e915332b790739e53e97fef170ce32d3e2dd537405d6f37b3670fe8584e5

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\SDYN0XFC.cookie
      Filesize

      95B

      MD5

      4dfe6cfc8a252eda16bb10c2a08fe638

      SHA1

      ef6cd44a0680c88d30eb4733bbcf10ea5be868a9

      SHA256

      7c334b22a88c413f2f0d502dc8efd410387aed4566ecd12d90e1eced9068ecfe

      SHA512

      bda4dfeb7844ed97b8bdad36f02d5ca214027dfb742ac8746e4f2a596141f1dd532577499430ac35179a9fe34600e4220fee6899e459b47c16d4efe6b87d7dca

      Download Submit

    • memory/3612-136-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-143-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-133-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-134-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-131-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-135-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-129-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-137-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-138-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-139-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-140-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-141-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-142-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-130-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-145-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-144-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-146-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-147-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-148-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-149-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-150-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-151-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-128-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-127-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3612-126-0x0000000077570000-0x00000000776FE000-memory.dmp

      Filesize

      1.6MB

      Download