Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Payment Co...n.html

windows7-x64

1

Payment Co...n.html

windows10-2004-x64

1

Analysis

  • max time kernel
    82s
  • max time network
    104s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23/03/2023, 16:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payment Confirmation.html

  • Size

    740KB

  • MD5

    a976072f9d3d1bd730c6df9f5073f332

  • SHA1

    09967bca6b989a581a0fb177d075881da05fbdda

  • SHA256

    c8c4583cf4ae19063d9ccccfd585d92d29596133647c58670c1c17f0654ab0a6

  • SHA512

    d76b50f9b4e43ad8dd6aea453451ed8accc49790f35534cf5e116be05fca553ece0094354573e4e22f2f1f64da42a99a5969b483883d98b0b8c131f8d2184a15

  • SSDEEP

    6144:6esX6CUup5ntn2KHzt5AXfTd07oGv4Yfj6kLhk/m5nOyA8EM9OTZRDe+OBvozTty:6es8BpeBLo9FevCnPjjQIClu5M22XPT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Payment Confirmation.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:516

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3f9e50bebb1d165d67cd91f94099c562

    SHA1

    75aa5ac13ac25c88e46cf8194d1d63569ca75d12

    SHA256

    badc1a64d3934f96723cfcf8833a27e93ca2e16eb2880da30809ba7df3f08c96

    SHA512

    a07c87424eec8f1f6694d8d75bce60e96b80dbd9e910deace3cabd2e5a9dabe58597806cd4756011f1f42c209e1a95eee31e2a9dfe9d7a6e5c6b8da82da0b2ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bf99b4dd1b0e98fca145284d6e90a729

    SHA1

    a06b2165e24fad1cc9308e10b646cc4a37742b59

    SHA256

    3aa50b5bdddab1f84145295e185d7feddd7a0f1cb581044b760cfefb4b1953d8

    SHA512

    cf3043635f66ac8cbad47b46d5ab14793827beafbb25cf8bb4f34b05fd0c62de703c54e029d164f50273aa6c43d5d964602bd18f3ca9d72c273744f4bc257533

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cea8e0f4b8fd4400d1502635cfd5c7a5

    SHA1

    09c8a55fd0b200801ecac1e538f0d5b75fd018f0

    SHA256

    cbcf43658a254054f4fd5a15a997ee8ad754dbb0b0dc57cc3adf561c4314a026

    SHA512

    850f80070a36dd35bd4bea808764d6930f81b373df4433a265e5e99b804a3497ba7063fb44c6477e2c21c7c520cd809059cd0da0a19f084864a211965729dcab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dc86a8c9ce5c37bcca1a5f8b37f89446

    SHA1

    041f5556977d4c799dbce19f9b2319c84fec705c

    SHA256

    f729c2e5da7ebf076ae5edfe29857d6d7dd8084711433c48334d5d0dc500aeb0

    SHA512

    7db776aa0b97683bf4ae49da6da09ca21ea6959be2605515a7ca3e56089b7e0e68a63c68ba04278c2b4b63bd7df6c59864d99310e8558fff13c8e1e856393bb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ba29da2d131704c1aafba122685d4006

    SHA1

    5a90d4e9195f5453a6e5d4b9b3c7bba44431ac60

    SHA256

    3672c36afcff05bd3a2b8da76368cf299a567fae33fad78369dff51ce808072f

    SHA512

    175dec2722bfc5075ada466de5b1224ff3877f9932ed7ef4ce513d12a413d3a8c2522f10bc7126fd8128be09f7ed9c7fb584f58e83ab5a78767ded8a2ca1560c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    94f1d4f56512dfe242b13c93cc0a5edf

    SHA1

    11cf1d760600a3db3f9f78b83bf92c7bdc9c5979

    SHA256

    c7729e49deac867123a07ee719451dd7bf20ece0b7ee1350cc66a66209ba253c

    SHA512

    f2ec2f62897f1812d39d723a393d42a38a56470e67d8be5fb3f0f6c83ea26826e64cc30b9763e3677a1a7dc5d20f57a298cb514a8ab8666251e6232248a638c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5bd672ec3e4c975b9f8d9d89ab80d0bb

    SHA1

    8c23751e45b27541b5d72b62b1babbd7b99a1c80

    SHA256

    64bcc1665a27493d5cd37eb4e3af7c4b60e9d50d64b5fdb4214ef03b5dbc8bba

    SHA512

    2734b4c07f6f7cd9b1dca732f0aff0adb0554fc627787a9149841a027d5d72b051cc49c922ef6bad16fbd519771473e4ee687a2c776ff8bc89561709da26fef5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    454ba1237a74b5e4c0b9a377a333ccc5

    SHA1

    7528f258437eab62acc44cd71e19a636c8ed7de5

    SHA256

    9d3c34c577e2ecc6b5c1313ce82298ff548009a618306c22f1055f5a22227a5c

    SHA512

    cf1b168bfcc1caa84c121292186ea67615879d9a5f7eae5070df20718364ec05f48a4e5eed51de377d62c0714713378ae5c8ec25ce6e929cb1f266f55815a2ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    32c6f9eb3420b985f3cfbece487cf8d2

    SHA1

    2d7f99e4ff2c263d12c85ba76b76cb90bb506a50

    SHA256

    48650f2c970c463d504536bdec4b27bebf77936b8e39f6df533ebeb25d7dab52

    SHA512

    0c008b3d00e3822fb05fad696a8f7f9b277d2075c0db001895967573f263a37c95663653c8d79b641344e2031936cb22c095ff631d6fbcf2064349206ca58575

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1bb020024fe08a3b744b0977b5871b26

    SHA1

    ebb654a0d76a28d9d0d16fe1bed983cad55bbd6f

    SHA256

    3c896a3e553a05e41b1359e08544932cc7eecc31ffb54dcbb724e63adb58491c

    SHA512

    6346ac953f56f75a513032c69cf22c04273bc34b1f6e6d8b6f4c2215bfbb10e3d44548ae596cc290db4d75932e4c43e4f18d9d3ddf35d6aeaac2169c22dd229e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    95f9ac8a3583a47bdb0caac214b27308

    SHA1

    bd110ea7701232f0ffc57c15329381bbf20bd2b0

    SHA256

    54538fcdd05435344339b9dc6b246a51d0d38a8b365143bf4f42c4f3b4fec4fe

    SHA512

    e96328a438cf4a01156d149cc587ff55e3ed08ac2a4e875ad4976250220601fc8524f0492abacfc196a60675b70946f69c8cf01d871bf9daf48a58f710905c76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ea86716af8d692f6996b93b127c5d69

    SHA1

    7c57ea48432a28ff472aba4a6d5419633e0abf3e

    SHA256

    e1e87d8a78f3e80c6707af80d15f80cd6f110a9932530323bac90665470b312d

    SHA512

    cafb36c5465d934bab3ef7ae89810fda4af363615747a802f81ba299bda80e7e416b9d07bfe1689b679c0521534d5573c65a680068b67c41e295cffba7cfbe82

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2B57.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2B58.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar46B4.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DF59E64008B2AD35D8.TMP
    Filesize

    16KB

    MD5

    817a237bda182b403ac757c72fda9122

    SHA1

    728817069756f1bdca25e7ce503adffd46a46dfc

    SHA256

    916d8a238b56453edef75c252b9590321c6cf35c3aa7efd5e563b0a059fd6966

    SHA512

    b7ea26f21a5d002b2738daab5c7e553535b01ab94df4ebebc04b4f91face8cb848f4c4141c11bee48d717eea80de332d3bca792800be3b1cf1f3cdd7cd73ded2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\YNHAFQ63.txt
    Filesize

    600B

    MD5

    603347db5e5341e463adb01418d693f1

    SHA1

    879b5c8bc5a2851d724d2fe264f7fb0e48595a4e

    SHA256

    2a2409dbe895f7e08260c1db352b7dc6aea6f7604118e3b09984f547242ec9e9

    SHA512

    f55745543417a52e58d80df46bac2b1ac5eec114ce4156a18b361a87d6a407d30078dac1bb0b58abbc370c0ef8cbbc668dc3c68408595ec9f3c44ca902a4d271

    Download Submit