Analysis

  • max time kernel
    78s
  • max time network
    161s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/02/2023, 04:40

General

  • Target

    http:///root/sample/fd8c5d3ab60f37d674b6e24166f5c10e8fc3f5f1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/fd8c5d3ab60f37d674b6e24166f5c10e8fc3f5f1
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1932

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\AW5T1GBD.txt

    Filesize: 603B
    MD5: f85e7a1e0a391cb6225ca413be8fdbaa
    SHA1: af53c4d37fef2ff80f53c109043a6eb2eccace54
    SHA256: 9aa58c271b60e8b8da36bce98fb2a266611df1178237bfd05e155cbe2758e37e
    SHA512: 70a6a5792bc6402274358b6be63201ade1c4ec0c8a50ddb3b59e10fa666b4cf06da49e92da2ad9882682d05ada931360ad3ae78b781d528b232c740a697cc21c