Analysis

  • max time kernel
    72s
  • max time network
    201s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24/04/2023, 02:24

General

  • Target

    https://ea.pstmrk.it/open?m=v3_1.AAAAAAAAAAAAAAAAAAAAAA.U4hjy29GctDF-IbULPz6RAfMDvQqNLuDOV-olfG9mzU37b18UwZBJYMj4NaJLG9vK5TfyZmA8EFKl2xKg1JdCGit5OCwo5PxGfvr-Oh-sxIjWRvexrJT2g3Bk66aOGRTmHirEzYbiphIn2ijwAOCYOLi7u21wI9DWVFYuBgjJGYYW_xEzF3XNIhNe77mgLEPiWfRqKpMCmkXk4pPjRHH8dwIcygMvfltWU5dX3cxsoWX3s4FWZQ5baObBa2Aax9wyfxUR16tjUaDIrcItJpPsk2BEqAmdNmpwxrmnqUk2UtvxXP3rfjIh_gU43IK0Ymm-yNOeRLmYLVTsPPssXFFKIXwVQ3gKyYZc2xsWAqO7HIcelnbY4-b5HpZyPlPrcb44nKyXgymjd3EmWNHJAWRe1nwPcAk6S7b6_EcOe_K0vKcLQnqqlZ3qd2JAohYgNb6Shi6k-9hImkJJL1C3DiRccmmVGCRVhak_Ftamj-BnG8

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 39 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (7 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://ea.pstmrk.it/open?m=v3_1.AAAAAAAAAAAAAAAAAAAAAA.U4hjy29GctDF-IbULPz6RAfMDvQqNLuDOV-olfG9mzU37b18UwZBJYMj4NaJLG9vK5TfyZmA8EFKl2xKg1JdCGit5OCwo5PxGfvr-Oh-sxIjWRvexrJT2g3Bk66aOGRTmHirEzYbiphIn2ijwAOCYOLi7u21wI9DWVFYuBgjJGYYW_xEzF3XNIhNe77mgLEPiWfRqKpMCmkXk4pPjRHH8dwIcygMvfltWU5dX3cxsoWX3s4FWZQ5baObBa2Aax9wyfxUR16tjUaDIrcItJpPsk2BEqAmdNmpwxrmnqUk2UtvxXP3rfjIh_gU43IK0Ymm-yNOeRLmYLVTsPPssXFFKIXwVQ3gKyYZc2xsWAqO7HIcelnbY4-b5HpZyPlPrcb44nKyXgymjd3EmWNHJAWRe1nwPcAk6S7b6_EcOe_K0vKcLQnqqlZ3qd2JAohYgNb6Shi6k-9hImkJJL1C3DiRccmmVGCRVhak_Ftamj-BnG8
    PID: 3404
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3404 CREDAT:17410 /prefetch:2
      PID: 4596
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 404B
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat
    Filesize: 4KB
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\favicon[1].ico
    Filesize: 4KB
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\suggestions[1].en-US
    Filesize: 17KB