Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://www.aquiyahor...

windows10-1703-x64

1

Resubmissions

13/02/2023, 02:20

230213-csjyjshe9w 1

Analysis

  • max time kernel
    105s
  • max time network
    125s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-es
  • resource tags

    arch:x64arch:x86image:win10-20220812-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    13/02/2023, 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.aquiyahorajuegos.net/whos-your-daddy-pc/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.aquiyahorajuegos.net/whos-your-daddy-pc/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4708 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4728
  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\UpdateUnprotect.3gp"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3620

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    ec8ff3b1ded0246437b1472c69dd1811

    SHA1

    d813e874c2524e3a7da6c466c67854ad16800326

    SHA256

    e634c2d1ed20e0638c95597adf4c9d392ebab932d3353f18af1e4421f4bb9cab

    SHA512

    e967b804cbf2d6da30a532cbc62557d09bd236807790040c6bee5584a482dc09d724fc1d9ac0de6aa5b4e8b1fff72c8ab3206222cc2c95a91035754ac1257552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    b361a12d0722996eedeafff6f3ab3ea0

    SHA1

    91930bffa495d1e86439145351811adfd5a03bab

    SHA256

    8e32031a383bcb05030de62028384fe72b699bfad83b040de9698305d29494d2

    SHA512

    fa426d3bd2263009b9e95e1812773cab7d1daba5e0a8ebb9b66829df1a0eaa48d9c4d7a8d9a4afd4d62a143ea60375cfa3ced2682d5d1306d2ba3a878cf29d1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A4C286EE8C1AFF7A4553A6BBF4F79799
    Filesize

    503B

    MD5

    38afbd37358354bc37a593611218d01a

    SHA1

    5521bfc5c311cfc09951f88fd9dacbc82b2635fe

    SHA256

    a2a08ded8ce0cf7f07a4e87c16fbd2e9892069b0f960bceffb1d373931c752a0

    SHA512

    b0a1fea13f4fa1c022e0ee251178ae99ec078d7bc8007b2c6bc00ca774d0c36154a05a01a6b93b62b880c37a6fa84df8b77f854a363cbd2b776885575aca1e4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    f487ef585ca654e81364dd5b242e4362

    SHA1

    54e4f2609d3dbac86b95889625738dfd21f9dce7

    SHA256

    0744ea6eb6c1fc2fa3ecf758fc693466ca606d358f8d6e5e6026eef1b0422161

    SHA512

    e7f4c810bce35b40a96e2fccc97d1b0fdda37eff3622867f35c8c8ae6619e45500b2c4ff06579f64cb65795e94e573bfa3637dcf7c69e5ba29a3d6ead0f1ddb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    cc6fed1d7d33a635db7a0e76f0210e20

    SHA1

    1c4feeeb6abb27c95e9957eaa350416bd6a7f533

    SHA256

    cad8036e3bea792429a268ac3ad067f0fd0df954d667e1a6a82946e9aea9963b

    SHA512

    4b1a5394a5563fb92a4c132652f76b7b1ef3bc0dcf304a26711f0ab4479036950fcefd3d22d9b812499137b6373b04434bc1842c99534090bbb67eea41a9825e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A4C286EE8C1AFF7A4553A6BBF4F79799
    Filesize

    552B

    MD5

    83c4e2ddc6371330c284531eaf1d9646

    SHA1

    80deb2f14ad227129e4d430d685a54ad908a7194

    SHA256

    c8c41cf6fc6d70a9f73280cfccb740b2b1c549a93970b95c4be9f58262c8bff6

    SHA512

    7d32bfe8d4a2d19b7f129a2e8674b9c3ad07bee4cb3c3a1d3fc92d91d0abb047f3e4e55963c5b8ea0e7a7e88cc7764222a47d2624b2d0ae78c937545b6f31190

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\D8AXV75O.cookie
    Filesize

    611B

    MD5

    282f2f37379a2b8e9e41e1e3c84c294a

    SHA1

    43315afb7c8add660f41f692d299d4a79826718b

    SHA256

    7a2e8e25b1402d5e2124818d8b44d77708c430683a55d8ebbd3b09766e7caa15

    SHA512

    8b7c075eee57246603c808974af0e4ae5737271a508477f30932db1509f6c5fff9e900894de01fbf529963d07ba259bbcbeb06233f81b03d67f045d693a48b95

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\J44EBRET.cookie
    Filesize

    612B

    MD5

    89b8dce5e354b17f5c1c9c6614c993bf

    SHA1

    c6d3d29af9a60e13bb3696c9838d72497dc963d7

    SHA256

    04dbd1ef4a60236d0c2acbfdfefae2fa854d0629689859618ccb8d73477cac03

    SHA512

    7c871e55da92d0ac30873de6024e380d2603423438ff5ef4efb55bab7bd3ecc33727d967415f82cab1bff153e15e7793b887b69962ca47b3aa633e58ab2bec51

    Download Submit