Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

cccc3917-a...ed.eml

windows7-x64

5

cccc3917-a...ed.eml

windows10-2004-x64

3

Document.html

windows7-x64

1

Document.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    98s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2023, 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Document.html

  • Size

    7KB

  • MD5

    998c9d4dac69de1fce8874e050d3e2e9

  • SHA1

    d0be8b2d4656b7ba67e40530cf8f4eed017fd5aa

  • SHA256

    60f391ed4f27d128670d086ee02058ef3cdac9fb707e73aa0f0ea6eadd54c9dc

  • SHA512

    5676fe5c5d08c6b67e0c390a9dec54ab26d5017e62001800b05dc30e742027e1467e8589b97b4edaf0f7100c4587059ce583666aa78536884d93514078d4fa12

  • SSDEEP

    96:wdue/tIKe/hbbl183IP8VshHql555zEGFUrqAP6WRoF4snJvaIdcKO2NQs/:wdue/tIn/hbDjP8Vx5Nj+oFDJraL2P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Document.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1772

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5639705a3987589675d5dd6c0fbcf0bb

    SHA1

    d767d2a4dd7e2e682c2b85125065577534c2833f

    SHA256

    75236d51fdbd3ba6f092f7aebfaef72cfb006e678e06aedcc94e83366fcde67b

    SHA512

    8d26164474c250dd82df9c5d8e0a9deb0bca45a8f33d36e82864cfb97b821f56e38e622c2fbd819030a12bf448e5b3a3ac501ec7c2fadb2d16c0576d4006e4da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97145d0e2b752bf7a980726df931b497

    SHA1

    99a683c7fa49bbbc521e22f9f898e85da034cfbb

    SHA256

    b464a9b735b9f0b5a0c782e499f1deae603453bef518fc184d7eb3f2ae4a1ddc

    SHA512

    64b37230f94eef24607d1166b741f73f53575a91d0377ba18f68000307a5b824d3a8dd69cafe76f90eeecf36182aeb3618fc559b008508ab0df1e51d1dbd3dd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2d608140d3d6662f19195faeca4cc19

    SHA1

    8ece51eadfab66dee050f9b6fcb9b121c1e158f1

    SHA256

    dc4d05419286497686e85c2493a17214a4855fd43f98bd73b761906d8c7f7c9c

    SHA512

    cf4eb37945ae46ce535c70776720e3aea694ee760f7c35bfd1264d68aba29a23ef3b939b5528c06793603306c71e286a40af8626a2a42592f6045d212bcce8dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    459abddc521a5bdbddb62dcb6a90c698

    SHA1

    b97a51951e8aca42a466e09c618b678b12c35347

    SHA256

    558f64111ef388e2691a71f2c5a1d509d9f16e106baf50e4d03264a16499fa1d

    SHA512

    1ff8fe55946f13f8fd5b08a6319435981b5e707abd1f27dbf395fbf3d89f8e436044866220b6851fa1bc0cb690745025b6d686c3cd8ec1605c2d3cb8af67fe3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9080bbdfd5e99372a0efde0f3abb598e

    SHA1

    49821d165024faf6cbb59ddf5d1ef635972f0a88

    SHA256

    ff4d80e2f31365ef2560d962bf9e2e76879370c9babd861d7a2c6a6e5115faaa

    SHA512

    21f7c62e02afe6ca9bb302d53f506cf91f8e0f34245b61e4065a9d659abef127eaf7c918cc2c17dc71c3625ed60902e9120069f463ed1e6ad0d7ba0b2f06e047

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e78104b089e163db477f161782c3a74

    SHA1

    216d55f5bd52bbb9343b61e4ad8a044df94de823

    SHA256

    b603a20a961f740ab506640dedd32d5f1e0d0be707351f6d6037ca0884bcabbe

    SHA512

    354bbd778b1230d507b2b7c4b4d6621034b3856decdec7444f7e692ff0637a68110851f85b37b9abd85e2e0e307ba6c56cc3e8ad046819a5909a33762d67fa54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5d7b7d7c338027ccfe50254a04a19bd

    SHA1

    177439f6b4a355c8bc6461e2d710a205893cb451

    SHA256

    50c6765e4d6e1af365cb269b4bfc8e161d1d2511a0b211f9c721e5fe2aebe5cb

    SHA512

    bd624e97279e8220eeb051913fc5c556ef076040f5f876389f01fbe443e866a5e2d0d850f0ead1d9d6ef99edac120dfc680b82088341b51620c962e65891b013

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a83cbbc7b14096f95585781f2d5e2fcb

    SHA1

    3599c0394ce0b9e9e796f15dc220a94f690fb5b5

    SHA256

    ffa6f7aa2914e684d52fb37906df1f05437927e0b93e52ea93024127d44c80c3

    SHA512

    5b9a636e314d726b003c0f577d570d68f23e4b1b1d3af102eba081088569f57ffe0c8095abafa1870fd2d23cb97dcbdee4fa12c6b00cd4ba27880f0566d15ba6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42d7020467d31300d1fbb348734ab776

    SHA1

    c986c3a1c37ac0b67232fa81c9c6c5ebf7af2c7c

    SHA256

    3e439761a5a6131488a34d909bdb94ef588cf5903de4a781fcb45a4773113feb

    SHA512

    2a1c386ead57df2cc10637a2256d58227cf0a816b9505c6d2933c30931af2313aaaaa835bf41d020bc6a8535632d8ea59d473e27e34b0be8de31a7c9dbf3e7e8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BYN4WSI\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAF36.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAFB8.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAF38.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB039.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\TC0GT9LW.txt
    Filesize

    607B

    MD5

    5d74623e5cd8f1dfbe55d96a9af2f4ed

    SHA1

    9640fc4f37b2e70fb8b92b4df00ee967432cb86c

    SHA256

    9c91d959d34e040709e5b0064f70230291a25f3b54cabfcb3a7a786b172b62d2

    SHA512

    920e40eedde1b8eda1ea0f1eb266e075db4f10841487984b37229b4da09bd1b5002602bc59b3ccfb1ddc25a5c77e958b3281e29ad375f67dd25273ac0948e4b7

    Download Submit