Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

58a7cc3d-c...9.html

windows7-x64

1

58a7cc3d-c...9.html

windows10-2004-x64

1

Resubmissions

19/03/2023, 14:35

230319-rx54xaag9w 10

19/03/2023, 14:28

230319-rs1nmaag7x 1

Analysis

  • max time kernel
    101s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2023, 14:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    58a7cc3d-cbde-4fa7-a806-2e6e90105199.html

  • Size

    72KB

  • MD5

    563777101470492e7601c9a2842aa020

  • SHA1

    76049d062dd75707a99061b5ee80183f7fafbcd0

  • SHA256

    1fa959c7acd71bfd0f97b81aab37a525e092db8a86854712987259d2e7cc3482

  • SHA512

    d8fd9857243e814fa8a23d0afe763b9bb3eb54c69536480bc9e96d4c79db87900a125dfb32a5a91f74be0b21cdd7fd25eedd05e5bf488e0c375a15ed8b0aa6dd

  • SSDEEP

    1536:JLjM1qyWRhtQNlNJa2UdOll3tvreyxeclJnTXpwe66H1pa0feMAAFNJ:FMwyihiDasl3VeyfKeXH1gW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\58a7cc3d-cbde-4fa7-a806-2e6e90105199.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:688

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    52dc95eef860cac14dd3b908e5305a40

    SHA1

    4ac465a881c449e567127a9e8d8b40cd22f3fb27

    SHA256

    6bfc42e5b3ea36168fe8ebb58da1b8c6cc366c9e55ac67e270799e404184dd0a

    SHA512

    0b1d31f866420a792fb81416cfdfdc7cf49a727ad973943696db208b4c33fe93eef8e5c7a1838e14ac2a4e95407a091881cae11723026028935342de4b15cde7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e9bc1f9dbe85000fa258cb35de7eef9f

    SHA1

    dd750b0f58754d3e9756dd3bfb72390c3f460523

    SHA256

    f8ba57c3f3965801a6f5acff942b139d2afed48568b7eb1a96f3c66cf096d668

    SHA512

    3a4a6d686c01e83e4738934799fa6fcacc3d06aaf36d42553a0225f7095fd817c94acbd676f4656e86825b117cacd44102e6f9addb40aad0bc94d22465b1d347

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a02db8f4db796396477f5d9c2a24960e

    SHA1

    033dbeee19adf472c5284c7276a3749e7b46fceb

    SHA256

    1810da397187a10151cedc9816afdee7f5ebc323fb8dd035f80c8510a30bd4ad

    SHA512

    5eb9dac1c75100688e70bbd44bda115e52a8979f9364d97e1e66573d72f8020170da880962ad351a76c11ff1697bd773a425ca7931f92612bf2018556544ecf0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f3a2ca07bae692784e1297dc288c077d

    SHA1

    7a52e94eb183f5a809fb07b7edc4069807708451

    SHA256

    d5a829537e4da728cb351b4f523a5bc0fd7e8d29b217e21cb9b996f7d34d891b

    SHA512

    22398eead5e296c5a87be327c1f753d749dc35da481c6a50a03acc7b00f5cb9f03448ba6ef4e86b7830c3cb7568654e702c62528b62ab3d852f6af1d6b73ce36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    81bb434e8f633615c13a3550138dc1bb

    SHA1

    094be424b334091a236a859081e01e63107b77ff

    SHA256

    98adb50fb486be455a888f39594dda70446cd4ea724120fd86189d9e1f901418

    SHA512

    645ee2219995c16b4ccc34a0de1eebfa0a48411363ae66e2872497f7b268fd21bfeee686f7615cb2b94487100c23a60968476ab4ca70bb4ee075bfdffc7d7452

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a810053f7b653f875c383436b9186c4e

    SHA1

    c4414204b2073d8575ab77b473dacd6a3ee2acc4

    SHA256

    805b693d5aa188346dff7a570eb34ac2ab2e72ab560e3579feda9cd289b97ea0

    SHA512

    f3a17019eccd8b5a7d56ec820f9eeecedcbbb453056b0521613d9bd512061b6042add171709ded03870fd23037fe42bb9467fc6a5a53f075c10f2e8f1d1336b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c4bba574d7c2ea7ff710d9b04aab110c

    SHA1

    abe8fa88e63e71608ed142dc067e3db6db9cae19

    SHA256

    7d6fc936319c5feef94a42f44b8bd45f30fd2413bde36c8ed20abbd3f030c3f1

    SHA512

    3ca7844212dc9f2188ecb415cc31e9a21c7e506d7f9ec5e9d0dfe4d8f805b1a7787a93b62e418ee690d76def66e10b555c8a661581bd8187b20b4a29905718ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9d80051fbbebc7abf5191b54f74a562e

    SHA1

    7503c67d138dcf4c1c6fc50817c4d9b070cb1784

    SHA256

    91f95b113852d9af62481c421bfb4aefc757510310b3b52bafa21fa5cc37d4cc

    SHA512

    4364ff0c59dc0f54241b8de348982f58158c5af69079513d1cdc4eefb6d4408d6c4894536fb90f91316287685e92d9570457430683fe052e045b42c9f3905721

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3d3d36e02cf26fd48f24546cfaa2dd6f

    SHA1

    c876ca1a5608cda20e5eea7459038c492f1efed1

    SHA256

    56cdf32af5b3315f4a38c3b507f27a7c01fd81a35ff29190dd19280fbca8b0a2

    SHA512

    88025f6ff9ce956cdfa29976d7cd26886aa26f6340403e6d081f5c93d2fe1441a8d5f054aae84d592615371f963f00adce0d402259b6cf4e121f9dcdd44f941e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8c8ce0e484ba6186d01d28ab4f82a4c0

    SHA1

    00638176a4d422cebd4abe989581c02c1c6054d0

    SHA256

    c852665e815d1690e19c32f988b7dfd3fd108a4cff3a2a33e45ada5fec322900

    SHA512

    f2b04f5aa8fb386f7c4becbc4531da962e1eb7878360b652905f4a46694a5ffb5e1a22e18bf47134e7be85c77718fda7fa9830f771574fe1c3f311355595bc3b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5303.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab542E.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar556D.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\CGYS18PA.txt
    Filesize

    608B

    MD5

    04a3ced13c4086319a717212df980373

    SHA1

    d737d485450f43adc5379bf2e9bd51a967f19c23

    SHA256

    32cdf431f3576ecb10c7eccdb5622ffadfad7b4f494ed5ab59d3358297a87120

    SHA512

    31e457bc11eced40e96c315ee8fc3e3fe864ffad8e58e6435b8ee74598e6ffec3a82df8be32638745e2b25bcb1d97dc2bf9fd7e7a477bae8f1831859557bbacb

    Download Submit