Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

optiextension.html

windows7-x64

1

optiextension.html

windows10-2004-x64

1

Analysis

  • max time kernel
    88s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23/03/2023, 19:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    optiextension.html

  • Size

    63KB

  • MD5

    bfcb5d2269bbab1f2c1a440903a2d21b

  • SHA1

    66383098ee5605bf591fbb4dce8497ba4db8eabe

  • SHA256

    2ff8469b26326ef38659865a1acbe0e9935d84cfe5f9899307ad7d54e6fd8c32

  • SHA512

    68ea526ab87f59d0404d7b499d921e74701f4b6b3030eb8886a27aada00639c08e54d986c183a98ed9b43f149c41ecf397f2c92d365166eef54b99528792cb77

  • SSDEEP

    1536:tJfcbD1cDnb/jG/jG/jG/jG/jgy/jG/jD:wD1cDnbrGrGrGrGrBrGrD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\optiextension.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1704 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1108

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    d0af2a98f1f44774ef3bf86293a6afdd

    SHA1

    478eb04dcd0448c88c454b8c8a17d4718216e446

    SHA256

    ce1b8aaea8168d7dc66a683d2751fc259a7038cd45a9e23a9a6ef7ae618069d8

    SHA512

    9cf86766f82ffeb58014c8d7318de9b880ca092bd894de21b5e6d106e49487e73f78fb4ecf1aa96e8618e014bb10df31000d25dfe2857d77d83ab88a41308a0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    3cfa70554deb574faf5a7aa94bc85948

    SHA1

    ad081a4f9bfa842add7d10ce8e3dfa4cac22b51f

    SHA256

    3acccd048d594776d7a1b7454540df3f15a66700ff4e6ffa58c01cdd486caac4

    SHA512

    31823b002626df2ad356dd2ea62220ae59ebb61ceb7cf3a5bf6fc034b80ebc72f2ad5c5339ec2c97e744cb48576e0256911b3735377883d5f13b554225b4e00a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87a774c06521e472c2f7e1cdf472d058

    SHA1

    03af9c4f0caeff5e5cefa21679ef87a60e78a438

    SHA256

    c3ac7eeb9f57337edcca8c1b112f681fa5866650ecedd9da21b7b6b5124519b3

    SHA512

    2763896549ec955d8cc80d6f0481bb225f5d0b0eae53a8174ebde026aea987b4e00de98b3f9d579d3915e9cfdaac99ea9c2ce630b410fa00672cd398c5606d05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f9b7e820c56c9028bdd942c956a25fb

    SHA1

    222382b13faa192e5355f831bc051bf53ffce982

    SHA256

    6570b1902ad9e7d7da82521dfe8d24ac2fdf667e77c0124cfac12b29d5e9f785

    SHA512

    33d98ee53d03573fbe3521ac5cdeff465394016cbb652079d8111e3bf960e4119a8fcac28c6f326d5e7d45e060198d098b5b3eb7867782243a26e93ddf056011

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dec427cb7e5b558cd1bbda886b63065

    SHA1

    1c256acf754a5e8d4070f2eff24fcac4f692c505

    SHA256

    d9d56685ea64f717125790e082009a802301720f1d8848b465fc60567a46ee5c

    SHA512

    daec8f8ba59c3ed4b350c9eaa39fbde3e5c9df8ea05c452be390daab136987094da623627d27dfb3f71a7b95d0546916154405f52d06d42f0dfd73f4207c137e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8698b172fd6852e757e8de7d92fb3dc

    SHA1

    180d083928ce38c812b22dc754ed68310eb2db16

    SHA256

    52428245755ef0471755151e59c5210491ba2aa8fac0ff06594fbc7f849c04d2

    SHA512

    32f5718224776e40c19c67fad757a1314352bb6f3f5307aed32656ecb0ee8a5cc877a4bfcc1d21f7fa65fecece0d69f2600d4b5835890c68810accd8d303a497

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35a2d71e0e5dcaf04c4773b69417d670

    SHA1

    4feed367f4c5316364f0e03dd08934306f18ec08

    SHA256

    aed34a87f58ac249b32e26cc2ec31af56beb58819e122cb04e4db9aac2c2421d

    SHA512

    3afe5436f080f17eb00b4bfd2575b76d572ede7e61821a31291dc44bd5a0cd0a29124331d814d4012fdbbc58eb6afda2af2539729370df56079acca8b8e415d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e75fd84ccbc111c26e633a92fa0593c5

    SHA1

    aee712d070b82f534bd24bb9f7e7635c8348a01e

    SHA256

    f662d41419ca4a98b220f3f0ce258baa86f82faac433340d52284bbedb1b66ad

    SHA512

    c2c20039a7e557bbcb8d16b42f99fca8d1ce037f4d575cc0e96139d990c03872d0a0ea7ea1829bb54632c93740b48bde4ee00ed9235f67f2a5989a681a980d02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2235fec0b4ee9c0fa6034dc918dd2cbb

    SHA1

    6f5215b3b0b933ae397bfdf2a4ae26150d2bc0b6

    SHA256

    57aba41a0952b7ec52a0a5911742f212c4d3d7d0aecd4169e51a0909a2d659d8

    SHA512

    54ba8f9874879be52666ccaa202e607130091f9dcdd8bbfbb66789bac22c392e24b49643f06e8d72ea274a8c7bc5b16969f8c92170405895c1ae215818558fee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    073fd7a3e9e49483fe480e7194ea5b63

    SHA1

    76815c312136db18f796d3db5b997a7d86c6ac17

    SHA256

    fa07fdcb227c54a4fdb18fdc8c533e058991784b669729e5cc7bb706d8460539

    SHA512

    567ada7a0fa8cc09a298d18222bf70505ac9a08fecb22dfd06c5a26490ffb5014c7aab76b47c40ff1770503ea58064635200db33ba0beb81bcf9facbd03dfe16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    beb57b82f1e36d34c0854d55d9aafeec

    SHA1

    95ad34c594422e7028f1630ad500869b86c40dc5

    SHA256

    ecad0bf974dc90306f5beaa3b0e8da93f36d5eaedd1b28fbaceb3eabe26166eb

    SHA512

    f8e32446bbfa759699fd57a2aeec51e8edae56626924b4c43be60bce61118711ae214da2b7ff7610fc1de10b430efbbb284682346b5ada5c3c0b1ad8b390851b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5C75.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5C76.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6054.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZG9F9YD6.txt
    Filesize

    603B

    MD5

    e958fd5e4f5d785884055c3d276a0654

    SHA1

    091ba2035765135cc563995d5672590a507d39f5

    SHA256

    57276864fc67e5e2bc7c658377aa1f41f3bf6e146c40d9c79902d48cdac2a895

    SHA512

    6cd03e9d53335c33c583ec61c8c95d8ccadcb92d99682975ab23e02a278fbaa6527d33ddc1d76e3caf4ff9b2f12c82d56e009614b41328983840665e7326a6e2

    Download Submit