Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

SetupX.zip

windows7-x64

1

SetupX.zip

windows10-2004-x64

1

Data/Packa...in.xml

windows7-x64

1

Data/Packa...in.xml

windows10-2004-x64

1

Data/Packa...ls.xml

windows7-x64

1

Data/Packa...ls.xml

windows10-2004-x64

1

Resource.dll

windows7-x64

1

Resource.dll

windows10-2004-x64

1

Setup.exe

windows7-x64

1

Setup.exe

windows10-2004-x64

7

jre/Welcome.html

windows7-x64

1

jre/Welcome.html

windows10-2004-x64

1

jre/bin/JA...32.dll

windows7-x64

1

jre/bin/JA...32.dll

windows10-2004-x64

1

jre/bin/JA...ge.dll

windows7-x64

1

jre/bin/JA...ge.dll

windows10-2004-x64

1

jre/bin/Ja...32.dll

windows7-x64

1

jre/bin/Ja...32.dll

windows10-2004-x64

1

jre/bin/Ja...ge.dll

windows7-x64

1

jre/bin/Ja...ge.dll

windows10-2004-x64

1

jre/bin/Wi...32.dll

windows7-x64

3

jre/bin/Wi...32.dll

windows10-2004-x64

3

jre/bin/Wi...ge.dll

windows7-x64

3

jre/bin/Wi...ge.dll

windows10-2004-x64

3

jre/bin/awt.dll

windows7-x64

1

jre/bin/awt.dll

windows10-2004-x64

1

jre/bin/bci.dll

windows7-x64

3

jre/bin/bci.dll

windows10-2004-x64

3

jre/bin/cl...vm.dll

windows7-x64

3

jre/bin/cl...vm.dll

windows10-2004-x64

3

jre/bin/dcpr.dll

windows7-x64

1

jre/bin/dcpr.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    104s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13/04/2023, 11:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre/Welcome.html

  • Size

    983B

  • MD5

    3cb773cb396842a7a43ad4868a23abe5

  • SHA1

    ace737f039535c817d867281190ca12f8b4d4b75

  • SHA256

    f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0

  • SHA512

    6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1640
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1640 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:776

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6762fbdcbeb4db83d45967120d05ad9

    SHA1

    e6db20273b0993a5319ed74c5854d962e808fc8f

    SHA256

    c1e3d14ada48864aa37ecb0592d1ad9380b5fdb2a646655b7e949b6555aa23a1

    SHA512

    aa22705f0c8a7f448b48d2753691de052ff1c5f063781d65053fe6b1ec70fc899423cb4c8f7ebe389bd2fcde27f9aa6df72ac1a657a5aace9d50d30df9e291f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a0f9644ce86145e7c9554936906afa1

    SHA1

    ba5b49a32e4ad53aa694a357ee9ef91bfccddf66

    SHA256

    50f2493716be6f4d9edb94f010bccc94b02200b73d32537340e8adaa080f5bbf

    SHA512

    a2f6602f241ee5934ba7593b8a21e83aa1c9095f2a705e6ff9d02970a63b3efee0e2c8af13d615dd776345a4055c75014cce3abdf60100c83dde547155538ca2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71f82d9f1f88c7a14e0bbf0cfdf8df54

    SHA1

    265ef0ee29f446c73ff5316aafc5626ed1b99688

    SHA256

    a50422fff136dcd8efe0c35b48ace114945f25554d7911b87fe5cc7461e42fec

    SHA512

    f75e271b68d43d88bf084e5a6960a2029630ac71e660be89a790c5e49263d4ea0e202de0b3dc47958c349f10c60448ec125180684c42810d4ab8b023e4d2076c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcf1c4550c8ad226497178e7f0551092

    SHA1

    48f4b842bd21a65ff30233a80f018ea18c670bd2

    SHA256

    58ea420461f79bcbe11f87b70649114c33c950e6b285ba554cc26e54e0a39ed6

    SHA512

    0f1fd70077b7d9bb078706fd981bd791feb178327a66a1cc31eb011712efca5b1f85ad2008c0b8df0212ddd2103f0e3c12ac72c59bee71152ccf4f747259a140

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38ab9e59cd48a034b61e3c5511a2c246

    SHA1

    aa957c922fa682b2ff5a0f3ec66e8b2f10f8dd3b

    SHA256

    bc2d10047d6646b9bf8de428a625409297e52ffcaaaa1041825ed498fa63846b

    SHA512

    1ec283181b17b695cc356a2aec870a2a88d6e78a5dbdc239fd57e42c0b0d35bd3f2bb0ca4a8448e1fe4cc2f34020508ff61a116e5f4c5d56f01e3fa0592ec10e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCED7.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD0C2.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\07DY27JJ.txt
    Filesize

    603B

    MD5

    6955ca4d4c0eb92602c3b5f25665a15e

    SHA1

    625b2dbf16b34f14f38713fe0731ee914d0ff8da

    SHA256

    7b8808b0c68a4457c02f6b99953081d8946ced8b7d810c417e7ac38af1ffdb7d

    SHA512

    4c4c41a03b8ab5049364689539cc48754ae3732e66dc5f76ff83abfe7f4ba8ec36223681b61e38a687a9bd6ac66b87b477f3bdf914d5a04dc6f77999e3768694

    Download Submit