Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

URLScan

urlscan

1

http://my-gov-review...

windows7-x64

1

http://my-gov-review...

windows10-1703-x64

4

http://my-gov-review...

windows10-2004-x64

4

Analysis

  • max time kernel
    20s
  • max time network
    26s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03/03/2023, 00:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://my-gov-review.info

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://my-gov-review.info
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1156 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:664

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdca74a9259f608d6e07daabef12ced4

    SHA1

    49c5562394055241c532f892a41094a6d5feb5bf

    SHA256

    bab7790e974dcd8ff458cb2ca0851dc462dabc688d69a1cccc9bfeea96b07b48

    SHA512

    a3e7973f5252252f5407de0eb2ea1db16d2ba060eec155136666779eaa1fd219143dc587b028e6242fef5837c69e2ddb9a458b4e0420bc1755385238040c75fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    919f49ba23f6337cd25a0a22a70d284c

    SHA1

    78c824eef2b8735d086a1e56684031179aa96dc4

    SHA256

    4c24e4588dcb2a3746e7b27f8102c3bf30380e990c8e6f5c0bafbbc96a03a000

    SHA512

    ef17ad90e2c99cbdce1a7614b5bd2a9422e56dc160afc3edbcaf155856f995e99f6d833674f1727b19fa768ab3491982a1464d999a638510381e19210e927a73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad4d69f7749e5f67c4f5ed7893285b5f

    SHA1

    a8796977466c27ebdfed1ca14a97f1532ca85207

    SHA256

    dbddf1ae4e7044f0900d5a725cf7781ab70b96e91c6bea05e232e33124b1aa9e

    SHA512

    2ca5fac068678cd87470faf4148704ae18ff1d46aa7fcb57cdd3f353507c409034aef9a776dc20eb4e5b342946f446e136e880f9f367f0f22f0e974c3522f37c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0892c7163f8a17f2c6b0b4ebd122340c

    SHA1

    dd9c63734f3b5a9c82bb389cf0ba8eaa70d803e0

    SHA256

    3b89ae5c799187d72082c9fcfacf0f8cbf4a48d575982f4acc8009d29487b126

    SHA512

    5156134d5e9ac99e199b75a159c3f3f162f48d8d091ec8c1975de1897d65788e55e621de5d8913a56454db021e6e6c7ea9c71502b415ea3dd455d7a31b2e4c8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53852e3e6e028b5a3a890f79b3b435ab

    SHA1

    5bf3b2d327b52c4e6a56267516ed2c1c81dfc5df

    SHA256

    20692b76477a44a7f6448e72f23a1558c28333d5e7092ae49c6bea2dc379046d

    SHA512

    8b820e7fb1baaf24c1e14f450a99a523632fd952afbaae016428c62ede55936daf27783cbbae687d1acb68d150bbe8292308f17e6fd6fd748689eb987ea9de6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40830fb0cf0060976597772fcaa39655

    SHA1

    03384e9e38c2dbe6a85b19e1bb401e7f18c617f5

    SHA256

    c5955bc390cbbd9ec13cbe636d704c4ce2fa188c01e2654191f388c50ee1fdc2

    SHA512

    d6aedc93cebd4890fb0f650aa003c02da443eee6f2d4b7ea88afe541d350e7d20e7286b26edf08c7b28f7af2d59cc1773c7601a0099add19c7de97738cbee039

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4546b22307ea95d986133e716ac162d8

    SHA1

    9231b9d1b7537d4f4ad2ed1253526daeab7850da

    SHA256

    0a9bf73eb9e603aa69489be8d1ff419903f46774c7128905ba80aaa8fa5442fa

    SHA512

    28fb4ad5e10362afd0202524daa129e17693cfdbbc96d18f779e3fa97e30c223d6061d485fc8e6876b88af20b18bb7ddb909bd3e77d2fd70bd8f40c2ccfaa0bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37b5b675e495ecf3f4c288f92c9bc93e

    SHA1

    a77b0961c6f00fa1233077a47212a6d59599d3f7

    SHA256

    57f1ab92dd6fe5cfbad915b139c957f8217243d7abcfdf50b289ef27087933dd

    SHA512

    c4de4b80e9c7cad692c88139dfc24f9b4d85b6d74eabfb553aa29d08bd4ab8b4df5875e952b142c3c6e2542ada333faedbd99ca1ce927da2e7869a08bf5bfcfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    466fe7b41353ea605aa0cf5a70334844

    SHA1

    ea1f14f8ebdaffd6809bf24e110495348ad48cd2

    SHA256

    2488d899f658c391226002441396899dceab689a3e5567d93ebd5d30b39418a7

    SHA512

    cdadd261be723a09731b2585d372df4549386131af94a5c84f6c83703d5bf99abf154aaf0c619f167adb47055452c614bad0e344ba3917fe08bc78b34995d9c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da9675a9e6a1c3a912404a4688222e23

    SHA1

    8c2dfd8c16d14b23fab207a158c5f64dcc8c1fac

    SHA256

    f6ddcaf80a42724ab43d4575dd294d00e7877e93fcbc9957c14ef13e26c34257

    SHA512

    6003540300192aba4be7d5c0ca243ea7ae328ea96b5f36db9d2750ac5dcd7fcee48de0d0b46aed699d2652c60506a895a6dd0dbcbdb6b680692e5e3981212484

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4500.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab45FD.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4501.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4650.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • memory/664-55-0x0000000002500000-0x0000000002502000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1156-54-0x0000000002A30000-0x0000000002A40000-memory.dmp

    Filesize

    64KB

    Download