Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Remittance...3.html

windows7-x64

1

Remittance...3.html

windows10-2004-x64

1

Resubmissions

24/03/2023, 12:44

230324-pyk41sed25 1

24/03/2023, 12:41

230324-pwymbsec98 1

24/03/2023, 12:38

230324-pt9a2sec85 1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    24/03/2023, 12:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Remittance Advice 03232023.html

  • Size

    5KB

  • MD5

    64188af58348b05313dcc0b198a8851a

  • SHA1

    7da5ede615f8dbab2c159aeea1319f671efd6b46

  • SHA256

    81c342e8068331e76a06110cef06a20ba89cbfef568cec01fb135686e853a2e8

  • SHA512

    74939fa11f76df9c53c7906be006e93e7f2b302af4557fbfd1512784496c53291e760aab75da471bc2e5accc03d5baf3652ac0fa0f2fd0229708600fc53e3d98

  • SSDEEP

    96:0i7JbJ8JvqMJbUZJo7Ycjl1UJPoP/JCWBBoswQ41mYT2JcfIQKJejeJJ7ne18JOj:/tYvqI2o7YcEApCWBTv4Avcf5SeSJ7eL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Remittance Advice 03232023.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1728 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:656

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdfa62958ba6c32a48c0eefef57920bb

    SHA1

    674bc9d81b035ed63a0d6f0d53885e62ea23cfae

    SHA256

    93ecdd98609f1bb3c0421c88f8800e3159e1d01d8794e9534bc05c38ec23c5a1

    SHA512

    aee357d83a729d7364260262ae3fe9db24516309e1ef8c21693c7286b2fce777a652b18750ea652cc23ade08af8c708586ed5c56e0d52819aa96b356001a8915

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96e6bc8bca7161145e9664bf6fc84094

    SHA1

    ba506081f4cf09b29efd6eb3330b6d6fd5de03b6

    SHA256

    4018a0f38441cb31aebcc0e4d77c4658cada71780fa44a1b2cf98183df05bfb5

    SHA512

    e7245e8713e9356909f119906d4f56904423453dbab8c09988dfd6ffb5fc58c628a35bad8c8ff59e38ed58dd00281afa5843b7911eb85b36cf86dd98d19a2811

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b35db8917619092456f1156f11f0a47

    SHA1

    dfb1e60318a2228d68f52bc3e05058c0280eae4f

    SHA256

    2ee56d51be0c4fc38b67aa3164507f0024f057e65e70de2f00bebecd82f5b1b4

    SHA512

    df981f35e4aba3b26259fcf9f88b47b6201cd5df7edf0d51e5a101136b8871d9365f271e26c224de26cd6946d4164a9962ca455674e0174a9b08ffe03790f238

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e71137d26d4982f8fa2696b51bc0af09

    SHA1

    da89557b05da98c597563a7e901ecd48a31f6f48

    SHA256

    808885fbf7048fbd13b9013e015e0d7f5af5f137ca3c13042d2a7c3bc3e249b2

    SHA512

    7cb7118ae6a3fb0fe1a35376cf01c2e671aec7c97c52bee6879a60a5eef99fccc2e835bb5c358cd9468fb6fdd0f67b6f2ee738bd89a5711d5ac82140f821c4bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5572230298627f51f89a4158fd2cbc5e

    SHA1

    a09886e2195c91db5d4b980fb2299686c7bb59d9

    SHA256

    d78e270cd3af83b6ce828de06ad806e0ba4c694c6edac29721e27d1e7f27eb20

    SHA512

    1857e442db6f703257ef1fa8b7e38fcf72564ea38e703e399ccff8d3bdb647b1c37b0c8e280e109950a1518e5b8f98a1b1adbf14f07a7c3634dc120570aabdb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91959dd8c98f51f081a476a0c0e2a29d

    SHA1

    26c5e2c361db9759532d9134ade9abc6fda3d9b1

    SHA256

    0353e09c9a8294f8997acde37892fd5348456d344364eb485e18e30371fbc511

    SHA512

    7c2569b9996281c108c0f7cba3954bd3a38d2ae048e1110039bde6e5fd2381b7d1c6f696bdd58b8117820de1d2043a01200bc80ced872db702b78e5ff85b9f15

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2760.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar299A.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\J8S0WVN2.txt
    Filesize

    605B

    MD5

    2d4d296103f39c9a3fd658c87f4c304b

    SHA1

    14381531c9ba23f1fce286cc4a39cf1ecf81cac6

    SHA256

    73bed89b2093a488d8282e77c357809677838b3dca7f5aac7d0b14690470cd65

    SHA512

    7c7274aca9f9714226de8fd74e758416ff4000a0b6d9a808675d564c9c10e01f731da7646558c426ac98d960536e4e45ace64bce853563fcf2ec05f1c870c1cf

    Download Submit