Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Remittance...3.html

windows7-x64

1

Remittance...3.html

windows10-2004-x64

1

Resubmissions

24/03/2023, 12:44

230324-pyk41sed25 1

24/03/2023, 12:41

230324-pwymbsec98 1

24/03/2023, 12:38

230324-pt9a2sec85 1

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/03/2023, 12:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Remittance Advice 03232023.html

  • Size

    5KB

  • MD5

    64188af58348b05313dcc0b198a8851a

  • SHA1

    7da5ede615f8dbab2c159aeea1319f671efd6b46

  • SHA256

    81c342e8068331e76a06110cef06a20ba89cbfef568cec01fb135686e853a2e8

  • SHA512

    74939fa11f76df9c53c7906be006e93e7f2b302af4557fbfd1512784496c53291e760aab75da471bc2e5accc03d5baf3652ac0fa0f2fd0229708600fc53e3d98

  • SSDEEP

    96:0i7JbJ8JvqMJbUZJo7Ycjl1UJPoP/JCWBBoswQ41mYT2JcfIQKJejeJJ7ne18JOj:/tYvqI2o7YcEApCWBTv4Avcf5SeSJ7eL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Remittance Advice 03232023.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4656 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4656 CREDAT:17414 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1864

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    1KB

    MD5

    6b3e1b6ebffeec580c1a5ca8461af98c

    SHA1

    e051137d86e484caeed52c03b74b713b8e9e2788

    SHA256

    9548d7046589382a52c2499e17f7923de66dfc4d1e7c3e40e0cfb4aba27b0545

    SHA512

    d0f6fa1c8102fbeb427c45ae8c6b3e8405fc2280c29afa1d0e379aaf06c954787c2f07b5c78c2257e19fa8743ca8b88aa10ba7eca980be3ce9451beb4e3d0186

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    416B

    MD5

    9fceece43cc5d24a2624e39a39dfe4e7

    SHA1

    50c9d47cfb7ca89a43a4766439af4737b39b7189

    SHA256

    2f170289f6b03efae0e085950a5834440af367a1bf2c2c25a44fccb6f6c1d37b

    SHA512

    30b1a1cff661887ffa4da7c02f8500c9e75bf3691ea796f9c9a6bbef608ede5293f86f56cffc57da6d4662e027cec31ecf4d8499f3a735c3f988dee1d1406102

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\5WX6VSBQ\www.msn[1].xml
    Filesize

    3KB

    MD5

    9204c433bd5ebdb14d7b189cdef3ae0d

    SHA1

    8aec930c4075a74a1c8942f4b4147856954d6566

    SHA256

    0450bf7608dc0afbc0a6d352d14b2fbfeb7d20f4a404e6c1e630b0f9c4706430

    SHA512

    9a70609e574b8cfce04ec5c490f6f027b723d5d6f9e058a6378eed9bc86f5d9a307cac265a6de152184e8389269946989fb741e7efc73d254ff1385448fb8f7c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat
    Filesize

    34KB

    MD5

    d88b77e148392c1f9bde69c37e96ffe9

    SHA1

    0ef5b239ec29d1b88cf97db56f9afbcf88b1b83b

    SHA256

    26493024496f63a24a98a717016653d935ad68a62de49afc74ff79d8602fc8b0

    SHA512

    d2e6ae533fecbcbf07b0593e9599e89019dba5121ab95effc3a5f140eb3c8720fb7298b82f33335ed79d15efd8d1a73ddd5152a17f2ddb7e1e031847e96f2504

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat
    Filesize

    34KB

    MD5

    d88b77e148392c1f9bde69c37e96ffe9

    SHA1

    0ef5b239ec29d1b88cf97db56f9afbcf88b1b83b

    SHA256

    26493024496f63a24a98a717016653d935ad68a62de49afc74ff79d8602fc8b0

    SHA512

    d2e6ae533fecbcbf07b0593e9599e89019dba5121ab95effc3a5f140eb3c8720fb7298b82f33335ed79d15efd8d1a73ddd5152a17f2ddb7e1e031847e96f2504

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat
    Filesize

    43KB

    MD5

    65a4cf89179db94869960821cff06278

    SHA1

    5ce59a881c829d32635490df41ce234fdf5338ad

    SHA256

    6d1a82d00eef22f7741582bb82306f065b0770d89a7af7fc54cb760e50906c64

    SHA512

    d11639d2ea2c36201a4a7417df6be8202383b78f0f08d4f1115acc68f38d5f860caa1d78135842e5ba0f7f52e20e1a2f16678f6e599e060d017d4742c705f77f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat
    Filesize

    43KB

    MD5

    65a4cf89179db94869960821cff06278

    SHA1

    5ce59a881c829d32635490df41ce234fdf5338ad

    SHA256

    6d1a82d00eef22f7741582bb82306f065b0770d89a7af7fc54cb760e50906c64

    SHA512

    d11639d2ea2c36201a4a7417df6be8202383b78f0f08d4f1115acc68f38d5f860caa1d78135842e5ba0f7f52e20e1a2f16678f6e599e060d017d4742c705f77f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat
    Filesize

    44KB

    MD5

    9c8a9218ac327c5d10083e7ec309437d

    SHA1

    7df7d6a6222a346f1b257b16c3f66305dee7ac1d

    SHA256

    f5f0bd53cf808eecdfe51375e7af9fbab169259764a97de92db78dcebeac2c35

    SHA512

    ed77ecda9044f64f885b0ca083d77213fb7be2daeaed90f059af39459ce9aa7b0290aed605098f509232dcb4b315c307db5125948991b9552cc704dc0dd7e89b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\AppCache\TCJI8FM5\1\jquery-2.1.1.min[1].js
    Filesize

    82KB

    MD5

    9a094379d98c6458d480ad5a51c4aa27

    SHA1

    3fe9d8acaaec99fc8a3f0e90ed66d5057da2de4e

    SHA256

    b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

    SHA512

    4bbb1ccb1c9712ace14220d79a16cad01b56a4175a0dd837a90ca4d6ec262ebf0fc20e6fa1e19db593f3d593ddd90cfdffe492ef17a356a1756f27f90376b650

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\api[1].js
    Filesize

    855B

    MD5

    078e6d2a2e5b75cd6705a82ae4440e18

    SHA1

    66d9a14dd8c4a19dae1f355e3ad1a30832bc06df

    SHA256

    f5680f96c842950eec32a63d4f370609344f1e07b5c7032a0003c63e028ef1b4

    SHA512

    1a4557d2e43d596387486ac8dd847e278133c4c7725f68f8465364e6f88b8ffc9b9d2b86e723ba8a81f7a361dbf6ac721c20e1978e0c0c2efd440928b61a55fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\core-js.743054a088626b13bb851b7d26724fb5[1].js
    Filesize

    199KB

    MD5

    19980b875da17a01b3cbe56e3bb4022e

    SHA1

    900535f9c2267098591880bd790175875dcaa635

    SHA256

    40e1be5d6122627da16ad51b5e4859c8912869f154869ddf50db229e273c8380

    SHA512

    c5df298aa50b8afeeba4b7a1f0831da229f11c8b3e71d65d4bec76c0c9e4353621fa984a8c173a499950f9920ff8b875ab301cf684d147d4271b355b516430df

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\favicon-trans-bg-blue-mg-copy[1].ico
    Filesize

    4KB

    MD5

    30967b1b52cb6df18a8af8fcc04f83c9

    SHA1

    aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588

    SHA256

    439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e

    SHA512

    7cb3c09a81fbd301741e7cf5296c406baf1c76685d354c54457c87f6471867390a1aeed9f95701eb9361d7dfacce31afd1d240841037fc1de4a120c66c1b088c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\kernel-a9509dac[1].css
    Filesize

    100KB

    MD5

    1f9ce2a5856043b3a3910f5fa7366aa1

    SHA1

    9d86db46ddbc7440d5c81d6bac746ff2afdf266f

    SHA256

    6c4a421bd4a8251bb6ca8d9591d44a40619375568ff2b3eda48c5e6ffeca0c0b

    SHA512

    1b9d5e4ce34b821e1c05335449ed00b6f91868ea3d59b63eab52d425c0c0b70ef90d1dc36b75389ad2e648f6a6eec86f7e9e339b760aa8c33cba9b09f556af29

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\main.0c08a61c994d92f70686[1].js
    Filesize

    3.6MB

    MD5

    30fb60809e70d298d76b1caa7592ef2d

    SHA1

    9dae28b629aab8bf38586bfd2a391dccb9c0a32a

    SHA256

    c5c01ed50321c2fc94208417e17b9ae6b10cf404cad8b1c8d3c399d0a2ea8f76

    SHA512

    556832411dbebc51cb0fd372a80d598ca5dadca32bed24b8479d4739bdf1511f9148824ec43b43f4c85a6f01ea9a436b367eb94ab55ee83acd13b6f7ec5d516c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\qsml[1].xml
    Filesize

    515B

    MD5

    bbce80b4f961742b5602d7301d0cdc1a

    SHA1

    791b97f97c3607ee06f9f51c091d68b5fd3d5260

    SHA256

    99f932a2bbe0347304e2ab9c256f2dcd12d32526d22dd0eb4b7fa699cc426d6b

    SHA512

    f1ecd7c1515eec1124544764410cca54e593e19f3959a7466ff5e59a47359bdd9c6442fee6e72ef35a43be90fc98787f15e648d68f1ff857d0849f44dfc664fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\recaptcha__en[1].js
    Filesize

    405KB

    MD5

    733e4a30889fa7c9947958423e21e810

    SHA1

    16a2cced6035295476141f8ac1cd928114cafebf

    SHA256

    7d2c1727a32a92776f9a3078abb845bbeb77e6603c40a318f12ea1e1b5a040d7

    SHA512

    b4a458c1c881be83715467db5c53826dd1a657bbfd8fc4b2b24b9350e5b80e489d6a438c88b05ba6cd139cd2bd62031ef07a40551437a1575b4b25b612baf3fe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5AN3FZ97\composedPath.747e02b4db7d3b22a19fd3efd2303663[1].js
    Filesize

    252B

    MD5

    551ad64c21200577a3af115dc4f704b8

    SHA1

    e2b6c36786109bc3a5fef6b6750fefc03b4399d5

    SHA256

    99e60fbd12fa9cffb9e84b4f8fa53169cd9eb965f083337de1995926a5ed83f1

    SHA512

    2d822ad5c5accfb3a8ccc5d3acb410e71a7e841818ec3001e09092234145793ca5cdaa59d24cecf83e4758a8b5b98670dd11a27a4f11cd30d7379b56abab0a11

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5AN3FZ97\kernel-e08e67f3[1].js
    Filesize

    283KB

    MD5

    463d2e66710fcff44d3915c12caf5335

    SHA1

    e80a0fa3e359ceafa2a80f5c84451d951c6b8947

    SHA256

    824531c3073f6d80180df9e58f1574f2609ffca984faf66a596ce39bf39fc72f

    SHA512

    277d83693093525f07cf9aef0754e31138f518624c84ae634fa8eef40f7e789fe90f08c010c100d40bf9e0bee60e29aab429cf98370b102801df9f35f311c4a4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5AN3FZ97\qsml[1].xml
    Filesize

    506B

    MD5

    9a176371f15676261a07eb4a81926814

    SHA1

    4b9d4507a98751c66c961fdbb2cc0815b1ac22a2

    SHA256

    dc25070b8cdb6c3f0d58d5ac294002ffab83e1f108305325cc17bf3c9e339abb

    SHA512

    b01be6d178aa89992fee1929057548b861facd049c26241b86809a7edc19da0d0525283798887b9467f389d1db5a010648f2c8ad7c445028339df24c90c9133b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5AN3FZ97\shady-css.e1693e8462f7567cc71f9b893e8e1e20[1].js
    Filesize

    136KB

    MD5

    4e9d95156d75a4fc4870c0e310f97de5

    SHA1

    2240728b13708dc88878f93ee7e9b533ab93137d

    SHA256

    d13585401c3e5ff6678cacafcc42ae674296b0d9551d2ee03af5b8aab89743a1

    SHA512

    5727aad8d5e593454cd5e1f95c37fe2f77cb747982ac1ee649c4aa380e93ac1ad336ba8b9f13176aacd8e2c158c61ed1dbe267f0d668d1c0c63bcb90581f1455

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\Favicon_EdgeStart[1].ico
    Filesize

    33KB

    MD5

    7fb4a1f2d92cec689e785fd076ae7281

    SHA1

    f3477f75f8d14dd3bcf5f50176f8cdfdcd3944f5

    SHA256

    8ffb08e22d8848b0dc64e13ef43a5db913a3b4c112f67b0346f1508f2811aeb1

    SHA512

    bfc68283080028dd1b93bf28600f2abd8cb3c375c6433649972485e027b6d72e81535221ff2c89c2e5b255dc24ef3a1db28129a95eb872f236ca624f1ca9d02c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\favicon[1].png
    Filesize

    1KB

    MD5

    ea5b82d1d0d83deb394aa8a5f0973530

    SHA1

    d94764657d0d75c8dc3b4c65d15a3a10d3418817

    SHA256

    6e96941253dcc6fc33f075418147c17054397384c4e1c7fd5c956e5cabdb2983

    SHA512

    2131c08071fe436bfec13a36c12bdd391c6769b75263b4bcfa9980c5be03c64d84e133ee8f591fd5aaaecbbe882200219bbe2b7bafc8bd152b867472edd718d5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\fetch.a1ad5fb96dc0cb61b9454244c9bd7fe6[1].js
    Filesize

    9KB

    MD5

    9f292b53ba5b57783d407eb5a61aba83

    SHA1

    e6f20058e0a0c429a8116ebece108a4eb298814e

    SHA256

    223cc0c3d2c5e4834994571da73b15d261a93d71c03ecb388a993bd63edd5215

    SHA512

    900acb1361b95029e10ddbd5cffa6930b4b8ee2e4670325f768eb3c339c1d163d4e669b2639fd69ffccc9a77a5b7df9b42c6490056bc31eda45285fc2aea903a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\regenerator-runtime.95dc763885f05111a2f88232a2d0cf2d[1].js
    Filesize

    6KB

    MD5

    2b97956e0416f86ebda5ed3d4a75a127

    SHA1

    822c7aa67ba595ee504411fbf9b6ebc6749e538a

    SHA256

    ffb233e9e2af858fafba9637abbc5a73af39fdd88fd31c5a8fb7cb63cd17f454

    SHA512

    5ad19641a50e4c59e76eb32578ca0ac85aa59f8000e8663900ee4557c3dba0ec979b8745ffe1e886f340cb91a0750024f87b6fd23e6ed40de629638c09a438fe

    Download Submit