Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    165s
  • max time network
    223s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    01/03/2023, 22:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b5bc4ffcb4d5e05b6cbbc2e24a1f8fcf618f90d66aeae4e4a5c24961feb6dffe.html

  • Size

    9KB

  • MD5

    da478c7e6b84a10be0afc803798db947

  • SHA1

    bdd75519f756eb4cdc8b2bcb4d7ae0b255fab703

  • SHA256

    b5bc4ffcb4d5e05b6cbbc2e24a1f8fcf618f90d66aeae4e4a5c24961feb6dffe

  • SHA512

    2fb49a815297d79e8cb215cccb2ab2900e9f34638964d01aac94c7fbe96f7f476b3b66305009ab815e35cf65cc13bae1bb8afd21e2ad6e219ce99f95c5cd0be3

  • SSDEEP

    192:ILlg+wuv13xV1cSHYumoldjIINNMkcIk+Lx4AgCXtTHxxSZ1yz:I5g+3v13T1FH6MNIIPIIZLx4zyt6u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 46 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b5bc4ffcb4d5e05b6cbbc2e24a1f8fcf618f90d66aeae4e4a5c24961feb6dffe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\69C6F6EC64E114822DF688DC12CDD86C
    Filesize

    779B

    MD5

    f281f3fb4637d9b6a7f8169dd86a33f6

    SHA1

    b376e73928d8006c7dd98fb8352d191f0d09d126

    SHA256

    dc01fc83953ba68d5ee142095498e3e8c918cde3e477fca825fc4486eabdb331

    SHA512

    3656961c137703b637c6df95ec8aaad6649b78d597beb94b168887cc0f71c5b3c1622b6cbf88324ed31e3024ac47adcc222acc5e2d5b134c7934cfb118224eff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    621aaa7542d38e150d72566d948eb0c8

    SHA1

    9d6230bf8c4b7bda28179e0158d6fa60c7ffd5f9

    SHA256

    5db6bd0e0eed693b861f7395f89d83d2564a54d125e3618134dc1ee8cc6c4bb7

    SHA512

    fd258c48a4395c07fab373fb02d988b7a70a1dd9a889ff63ad28c5b4c7ee8428daaac4e05aa73a6d42739ed6b2067be7f21486736a1067d498c9c4cc18051615

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\69C6F6EC64E114822DF688DC12CDD86C
    Filesize

    246B

    MD5

    a65c8149bc06458b6591c4307138f3f8

    SHA1

    c73347819a4a8465a24e223c4acfd5c6e8598c46

    SHA256

    d11a4071ea65ff0729d719ab4d37d558f2624a6a32cbf507891efe73f7004386

    SHA512

    412623feda4e268f17bbb259516a27ae79dd49f60279f3461c1fa30c11281fe367f20e9254298a0787494b12ca29f042731e362cedc4d71d910a4c2b1ff8b2b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    9908c739628120d6ca004b6dd3609d5f

    SHA1

    ea0dc6e2b037a725d4a1ccc1c63f1e02ffca5399

    SHA256

    be40aad4ff245d20d0d69c74bf515259e88aed423f35f3599f845d1421394638

    SHA512

    ca2acd7b6d0fd5718e31646640c9ee6428912b41107e9312fcebd1e37234ef04d169da80143d3ead9802b5185a4f5fd87a5b28fb5b65561a8a13765c6e928580

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver2163.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TTLFUYWG\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\CSVEI4FQ.cookie
    Filesize

    613B

    MD5

    e54fb253c36491e1dd82b713b7dbee8a

    SHA1

    6aba48a112db9be4f3fe58fac5ed7d83bfa5793c

    SHA256

    b43c3f78e4e9d290086dacef01e0a7906ff8fccb1b485d83b31baceb7b7adbed

    SHA512

    7caac97dd84289c0550f2ddc546a204ba21c702cd62b55f0a9ffd7679e4081de141b3c04c5bc6ac97807e82316fe81234a003264e1eec2475aee1f10c8caf466

    Download Submit