Analysis

  • max time kernel
    72s
  • max time network
    222s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10-20230220-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    18/04/2023, 06:02

General

  • Target

    edf89271e021212126c5e5fb162a5d56104e92eaa1be0dab05a95ca097396f47.html

  • Size

    9KB

  • MD5

    b674f6b6877be5a8ec71d048028fce1b

  • SHA1

    efa15a1fda4f206405644d0b9063c9e65e743c00

  • SHA256

    edf89271e021212126c5e5fb162a5d56104e92eaa1be0dab05a95ca097396f47

  • SHA512

    797d9827fcf3cd9f5fce2bc3444823c13b9bfe3aebc8b3e3d23f4648b192da9d368ac3205b24c90e71da80a8e8f800d108fa07fdd259603abeac2114c9e7c7a1

  • SSDEEP

    192:1Llg+wuv13xV1cSHYumoldMIINNMjcIk+Lx4AgCXtTHxxSZ1yz:15g+3v13T1FH6MGIIPPIZLx4zyt6u

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edf89271e021212126c5e5fb162a5d56104e92eaa1be0dab05a95ca097396f47.html
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:82945 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2588

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    c5eac463d1d45a752223572efb1ed5b1

    SHA1

    649fd8bcc3705d81012acfa09c56b92280220168

    SHA256

    93ec76a088937fb866ca3347ae719da9cf3d6a12d47711d6f548c7be9d827150

    SHA512

    88dbbad2ae7d60f1166dbc26fd7ea7cd958e30744b6fe0f2ee158bf28025dc753544b28c06b2e1e492d9ef725ad8926fee0c37569b0e902d549864496e1d843a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    434B

    MD5

    d16a100d0f4b864544abe492af2cecda

    SHA1

    5c8328bbeb5e32775d21bbfa040d1eb4dfeaf65c

    SHA256

    79f696b86a3f2e0c8ace11789d33553f7c98c67f29fe4b1480c706340236905e

    SHA512

    73a214484285bf581f250bebef27dcf4d2935f50bb6c92f569d4d3cb9e8e8d6428f1eec065040816bbb96f26a87a370d08484ef5e51f318ddba2293c383becb1

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\B1FTPK9F\suggestions[1].en-US

    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\B6NGXZDZ.cookie

    Filesize

    614B

    MD5

    0bab56fe47a817640b0cd791ec7733df

    SHA1

    2907a93c941cf38d2d6c81fd22c911672827b6cf

    SHA256

    30170b5d1240f114b0570254480968357cc8fd51211b1c3a67ee7ea39a7c6746

    SHA512

    a83341d15c828aa8230d395420187336898df765220a6c867993ead0a8c5e21f1d44a7cdae0772a9b6f8095f5c41dc24a533d550f9f569ec697baf4c4b1d461b