
Analysis

  • max time kernel
    100s
  • max time network
    191s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags
    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/02/2023, 08:10

General

  • Target

    http:///root/sample/2d2b5ae5058abf2e4cf3752cbcd796218fd37c5d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/2d2b5ae5058abf2e4cf3752cbcd796218fd37c5d
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:432 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1804

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\MQJ58B3W.txt
    Filesize: 593B
    MD5: aa43ed7ab5b20b8f1b91a5da02ebbe3c
    SHA1: 6afb10144b0e0260846522f8dc33e40bd90a5e9c
    SHA256: 7d0b6f07860349562a324b06810e5ca27535c4ce3b65e33e33a5da9f981febc9
    SHA512: 47b262d2eafe4e28e70099649712a14ca0e0d533df6422ea01944fac22834a311c0543e8ca23b9c66c17f89a915a47c297d367776224079a6aed95b669ac6d80