Analysis

  • max time kernel
    181s
  • max time network
    188s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/02/2023, 03:08

General

  • Target

    http:///root/sample/2f1678363c9d4e758aa7dfa9a50ed3fb1a51137a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/2f1678363c9d4e758aa7dfa9a50ed3fb1a51137a
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1924 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1668

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\NKH3ZVME.txt

    Filesize

    604B

    MD5

    c1f13c490e1920ac614aa08a6e5422bb

    SHA1

    d6df5fe946c37a32c5e6df04d31a7b2c03ccdf3b

    SHA256

    7b427791aa5dfaeff5c88e121b09f6922c9ac7b0fc1190e0a29642f63d48b627

    SHA512

    8d8a92c2e1e233188c4f49b1a4966fbcd74d9d7e724581a9501588be4cefd929c8c956d5c204fbc797e3470ea1ff16d14f416430369556f1f2e57b353404ac5b