Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    100s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    10/02/2023, 13:19

General

  • Target

    http:///root/sample/a876d356b530a76d6b0e0a291e4830bf61340640

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/a876d356b530a76d6b0e0a291e4830bf61340640
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:864

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\UXICG1NV.txt

    Filesize

    604B

    MD5

    a966404dddf21c99ea6c16d72e3992de

    SHA1

    163e6c2fa7d625ff15134e1d2c8c3f7b6028d051

    SHA256

    d6619e680f71e5ab511f8488cd32e0bd8d5fdf2ed0735cab0be61728f96fe80e

    SHA512

    0e8c39b6154ed01991cb914e008e0a9ec00cb7d6b4a91635241698f67070c92c9df12dd2b8142d5d1eeca1b78c34802927ab5337fb5790d717a80e4503ec0fa8