Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

6473b170b9...2.html

windows7-x64

1

6473b170b9...2.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07/03/2023, 22:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6473b170b963c135e46191caf14407c43f4e50c57b95dd83822ff9b47cacf992.html

  • Size

    56KB

  • MD5

    fb24c0b683e053fb32a45a1038237e55

  • SHA1

    a990ed8b15261b343094743ee941131acb339a46

  • SHA256

    6473b170b963c135e46191caf14407c43f4e50c57b95dd83822ff9b47cacf992

  • SHA512

    fcbebd635c5e77b347be2d0d141c328501fda7e461999ce10e366145e166fa8a539893908e64cbcd585720db0fc7976457417e24b8db891e76e7b04b57157bc7

  • SSDEEP

    384:eME/hoDjoULJx5PO2XHW8G7B59iYGLE8ih/gRsWP7pTLaRyRsWP7oTLaRkRsWP7f:eMUWxmrauQgBMPy9sOp

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6473b170b963c135e46191caf14407c43f4e50c57b95dd83822ff9b47cacf992.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1880

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da8f8d88e0080dbee10abce896d085e3

    SHA1

    3882053a869de347060f64927acb394d2dd906af

    SHA256

    d93fa75038de88c9697d42ac675b191826b45a9bca3966ba5a476738995fd1d5

    SHA512

    ea8b1dc0f66eda610d6c3f8bf56f2322fd3a0762d41721520638991a568461d05afe93e0f644eda4958eaa22c3497c8dad779f13cbcd99ce1d1378fec6af68f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b8edabe04c8b1d87de9426cabf93d38

    SHA1

    3512fab4db5feba9e5866f6c4b0bf76d7296136a

    SHA256

    a36bd42f20ce47f5d49d6d37df2d932e1e804e69a6ba4a73ed9d3eb063ba91bb

    SHA512

    5f530f88f4d707bae0c510a6f1e93f614d1d34b17869670be8c197d0cc7cda635eb61a8567115c932587fc09b7f1290206ee2b53a3056749b9512f21b928b0f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a453074bcf38a12dc5a76e3b19703954

    SHA1

    e099f5613d12e1b18791425b7517a6cedbf9bfbc

    SHA256

    aafe71369d71832f69b12732f07024c04d7f4afb533d95442c2c6865c8a311a2

    SHA512

    a9a90bbac2058b6dbcf837e576a636ac5f9db3ef278ac6ce8024712a33c88df257826f26f12f09d3f117fd09dd887ac7a269c41c192509a79e8be5c118c55eba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64622278bd0636edcf64f17228be8500

    SHA1

    e5b632b19bdc088c2919363381bf39234c13f17d

    SHA256

    70a70ce00185eb3ad8756d71e585b8e1531b1f4a80e5070047695e64e19385d1

    SHA512

    4cc3350c8c88e7c8a85e317d53884facc095a98d86cccf917a56dee63a43c70b8b700f681fdd2b2c4fe0bbb7f24369e2eb78500006aa5862667c76a74183a2e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b91f246080e63fafcff059f0ce223ff

    SHA1

    c239995455a40e42d89429110e4ecb95fbe9a5c8

    SHA256

    70a22945d53d2ab19bb9092ea0a3270077f45985ad8fef5baa240fef7de210a2

    SHA512

    a9950af7f3f8987cddbeaa4320946321c0e93f3b8cb3a4228f864f614be5249dc8fc5690a31caa55becc6c5ece7ac78fd037c96228ad5db23fade629ef652cac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f883e2f1f489df134f90b34bd5ecb98c

    SHA1

    5ea829a021c13cba35c0c569dcd4ecebebde3338

    SHA256

    4a973421473f327ee5f7d3101dde9c4d48e04cb164cc471e2586a195db8e7ac4

    SHA512

    29d08d0227bf93fa755fcbf45019e968b10de257a03461af72b8f3ca20fe171437eb3ad0feb80f58b585398385bb02798b96481b0f4f04b113c6217752cbea2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8a134af797b155b0db3f177b670ca10

    SHA1

    cc04a6af843aa2cbba163b8659a6cd3a652cd9e2

    SHA256

    068d0523165d91ea9e98af02e9c158c1b30dcb2abc00d568f8107c9c551dd89d

    SHA512

    3df1d0b37e19bea918d16082ce13dc6bfd242a305cf356fc06790d6893e2c51d62673fc6ef3b50c836b99fd712a29edeab5863bc7bf7c1f73100abfdbeab128b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecb59805fddef03da69da92a509ea759

    SHA1

    2b16143125126d15def81e766ee349cee9b3fd11

    SHA256

    709b40b651f8d44b0066c17a63e60c904f9de79a2d9e38fbdfd0168bf1fc87b8

    SHA512

    cb9e36671d4b8da249a2b58a45e3121304c876e917cde250866dad2d275afc074bdfbd6935bc0adf65bf703a02d9bad98e82867a2538f8536f6302554a8d0f9e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab20EC.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4771.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\47X1HWOQ.txt
    Filesize

    608B

    MD5

    87d1efa19ee710a0f501c31ea1fed582

    SHA1

    23a6d3dfa1593c1025a9831cbbe522d594fe7878

    SHA256

    81c74ff4016966cacc98281348526ee4aaee403087f9f6a996210295dbe25be8

    SHA512

    c16c472eef17bc6541fe050c8d53cd1062465bc4321b2d5dc55c9a0e78c90117711265a34dc32a8039bde07daeb10a18e32256e8e389c9bcb261b13a68ba23c5

    Download Submit

  • memory/1756-54-0x0000000002C30000-0x0000000002C40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1880-55-0x0000000001160000-0x0000000001162000-memory.dmp

    Filesize

    8KB

    Download