
Analysis

  • max time kernel: 101s
  • max time network: 156s
  • platform: windows7_x64
  • resource: win7-20220812-en
  • resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted: 09/02/2023, 07:02

General

  • Target

    http:///root/sample/9b51ee2827d1f6d8bb5f10167c8236c768b5981b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/9b51ee2827d1f6d8bb5f10167c8236c768b5981b
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1324 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1568

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\AN7YZW7U.txt

    Filesize: 601B