Analysis

  • max time kernel
    109s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16/02/2023, 15:04

General

  • Target

    Invoice1923119-6.html

  • Size

    296KB

  • MD5

    1a609235b55306bcff393bd3ea81e789

  • SHA1

    fb66f964eb83a51c1dadfe1924e403eba02ec4f9

  • SHA256

    e1b5dcac22dd5f8d70c3ec0aa1927cc617cc8fda370965cb7ceb56eef3029064

  • SHA512

    dfd85795b52131d0db9bd7eac31dd766453ec4de3f132bfad794db5888b5c51d48f5af92e78f9daf4dd18db3ca92329a0446dc7cc422025fbd3882bbc478cce3

  • SSDEEP

    3072:f+cbBONCmQhrNkozJqvQBbT1xCejGDLqQwjj5hH4CRAPl8hwGzHuh98kBqKFC3:f+cONCmQ+QZSAjj5hYCaNARzHuPB2

Score
5/10

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Invoice1923119-6.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1064 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1808

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    9597f3dce8d1b570f78a65ba29110c19

    SHA1

    ea96f130f2db9598f8785742dd6980e87c0b842b

    SHA256

    6385202cebf552cb037b90b20ca921f8b481b3154fb6460be44e2686252768d2

    SHA512

    b97c6755a29fcb84540e32f60e46d1b39183b9e972af5bd8edb6fb4659ea2b7f01ab1bf1ce4fe50fa311b6cceb715d128feeb7dde17c6db3d7b2f43931934d6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    404B

    MD5

    bfedbdd29c418c7e05b8e1f6d6853fc7

    SHA1

    92ce61865678ff1f50f6604974804b1d33b37e42

    SHA256

    9b7c094d3367b8b1bd10da618f215f4dd9d9d3dfeb98e6066acd5e74a6368d59

    SHA512

    13550e83b071a93aab63be1e4f8f61815b712fccc4a09a5a3299f1bc62f5f3c8861dd432802ed5da97a077b81e971e4e6c02ed8b285695feff41c65831e612b0