Analysis

  • max time kernel
    145s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/02/2023, 16:48

General

  • Target

    http:///root/sample/48d4db42076017025acaf0f72e18b7b13365ee6d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/48d4db42076017025acaf0f72e18b7b13365ee6d
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1884 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1652

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\PUBEG0OD.txt

    Filesize

    608B

    MD5

    998de7951d4a34dcad9aa4e3af825e7a

    SHA1

    4e28362dec2c4e1cd48b422f23b50da21b4a9d1e

    SHA256

    1b5db8b28b37efad79779950b16f617f08f98680559fdd70fec98b14478d84e0

    SHA512

    2c0d363333d5ebe358ba16841ce21fbc50eb2583e10cb2f0c0f03926c6ce8cfea86fca22f5f1205dbefb03866443e39c409b13ce624264f11e9f30a66b9c82a3