Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    194s
  • max time network
    195s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    01/03/2023, 22:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b5bc4ffcb4d5e05b6cbbc2e24a1f8fcf618f90d66aeae4e4a5c24961feb6dffe.html

  • Size

    9KB

  • MD5

    da478c7e6b84a10be0afc803798db947

  • SHA1

    bdd75519f756eb4cdc8b2bcb4d7ae0b255fab703

  • SHA256

    b5bc4ffcb4d5e05b6cbbc2e24a1f8fcf618f90d66aeae4e4a5c24961feb6dffe

  • SHA512

    2fb49a815297d79e8cb215cccb2ab2900e9f34638964d01aac94c7fbe96f7f476b3b66305009ab815e35cf65cc13bae1bb8afd21e2ad6e219ce99f95c5cd0be3

  • SSDEEP

    192:ILlg+wuv13xV1cSHYumoldjIINNMkcIk+Lx4AgCXtTHxxSZ1yz:I5g+3v13T1FH6MNIIPIIZLx4zyt6u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b5bc4ffcb4d5e05b6cbbc2e24a1f8fcf618f90d66aeae4e4a5c24961feb6dffe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:468

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fc6d6808ae740634af67d0dda965ec7

    SHA1

    9010973744110fe6bee6f0ab09995739899684f2

    SHA256

    2106802c47c1cb02dd3a693a9d4b94b0ff37091e3e5053aaf2712c814918771f

    SHA512

    3ebaa44ac2395ee57754929cd04cd0640f2c5bf1eb26067704cf235556bd4ac132f944bfe5f450a86d82c74392126a0aefba7c38af5f2a8d04ac46c61595d95d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    884b4a9c6fa00dace9c532946584ad8c

    SHA1

    0a76c1e19f1c330f5b3d38f42d94dd51f8c6346b

    SHA256

    bd883d6d0f556cbe9ee03324f133ca6f5b68c8cddc1ddf0d2a8d5bd725af5102

    SHA512

    48a14cd278ee0ff9f4535fec72fca5784be3dedb8921959231c4510825ddc6051d76c60dbea1a922312e9d6df655b9793b6f708d541ddcb55267d1e44dcf76c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f26b2fceab0a3f2856a65a098123ad82

    SHA1

    d52475ef94645c8962add6c7f1c9208ad466c3d2

    SHA256

    a98dd2be985d3a7a5330e661058a033f1126843af3a8395a746eccdfd90aa15e

    SHA512

    828a84abe21b9ff807a2191c9d4bd0d6cf2e33f3d838afd4bfacb5ad56326b0f78fc8f9dc1b979fa126d28effde7437cbdcaa2c83bd55f6566a75040421ae34b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc417fac4d0849b9003925a417ffbac5

    SHA1

    a075201716027eeddfdedfc8511119c3ad4b82f6

    SHA256

    0facf37f4d828a2daea2bddced72094f23a25f0fd088d27868661bf6fe1d19a9

    SHA512

    511b6a66284a48e7eac20a601d6288f11cc338be97688de4d060653ddc17ca084d33e3123e330e10c1d2ed18c5649af0e7513bbc07601542653dfdbe0cdf92bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8fc78e3b825db5d44c272156e158ea7

    SHA1

    ab3fd871efceee3269667f3da1495de7d76bb652

    SHA256

    96cd663a8128da2d71d0250049c6ba2101486b89d797c95db66f7c99b47ef4b5

    SHA512

    0c29cffc05be7616dd14a4a7d729394893ff1c9ce07343fa52689d07c1b0ac7beb1ab960be95f66359968a3162b7a60ebf3bd5796717f96d9e200a4daad0f4a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    632714e2ca34e2f170e813e4c3720dd3

    SHA1

    1edca6a7d2d1d4a319c51b5af31476fc5fa03539

    SHA256

    88c275d915837d64673139b255f16d5841badbd109c4e9d6c9440ed5e5c4cff9

    SHA512

    a9c82b419b88881953722937ff430a3b619dcd8cbd8206a1cd6a5b183c5744ffaf9d7cffb69d9f7c64d40945185cd2e4ad787c6b80fe98431aa64ff64dff0a86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb374656443331e5c449d9a84b45198e

    SHA1

    9d7d636c1fff296dd7942adb1712b8f91cda9067

    SHA256

    d556cff061c325da9fea33393ec49c29ce03d59db00e12b792223e9493fcaf93

    SHA512

    f217b3bf0f71b3cbdc379d49fe3e332e23043ce93d88a3d17eba3d35b97c4a93e54b58ee246cf3719927b62b8ceedad9740127a9f502a14c3a50892d76d70ae1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cf5895337c8a46ca28b658124a6a173

    SHA1

    545153295b3d14ce760e7d6a7198728d73b3ae4d

    SHA256

    5e2081c5dcbe26fb75aac7c52c3cf51d5abc50a95a758923fe64c214436ccc03

    SHA512

    32d6358e3c083e193bdc8bc191f271e760149d8460c13a4cd5fe25fd54e46db96ca6630d4d60799cb3f5b3152e8dad6cdc3d137797d17630299018b2f8895864

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab746d676102417f4861653bf5f01aca

    SHA1

    21739ce244d87e52f82f09df5f41a6e3632a785d

    SHA256

    cbd2fc458a7554b8b557b92b1866fccf2fbda69c4c21a5569b33cb18f3f288ef

    SHA512

    d059b0b9dedd7cf2f81924ce9b21069af4d23a81ea345caa73d19ab40a1f0ffd7cdb473eda282f3fc033176c1efd0a5a818743aa7d39a49e96946893ac5f3a9b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZTPJYNO\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3C57.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5C8A.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5B8C.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5CDD.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\CGYS18PA.txt
    Filesize

    603B

    MD5

    30eb40703a15c04c1067866c40c8f5b7

    SHA1

    47fe812491682eae8ec9067d21aed6756e387c19

    SHA256

    0e00edaa001687fec5b15484954c362304d2e383dff58f664c2c9bd47c0ec758

    SHA512

    44670115f30dfedfc47ff0e753ddb663a7ef6f0514d034bcfc9fddd994e974441014458c9ad33eb54b6abb809269924dceed83b8f67f0b9ecf28fd0bc491a10a

    Download Submit

  • memory/468-55-0x0000000002990000-0x0000000002992000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1992-54-0x0000000002CF0000-0x0000000002D00000-memory.dmp

    Filesize

    64KB

    Download