Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

URLScan

urlscan

1

https://anazom.co.ip...

windows10-2004-x64

5

Analysis

  • max time kernel
    259s
  • max time network
    262s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/04/2023, 15:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://anazom.co.ip.zmjzfc.com

Score
5/10
amazonphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand amazon.
    phishingamazon
  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://anazom.co.ip.zmjzfc.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1476
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1476 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:652
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:1476 CREDAT:82950 /prefetch:2
      2⤵
      • Checks processor information in registry
      • Enumerates system info in registry
      • Modifies Internet Explorer settings
      PID:1436
  • C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
    C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3320

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    0d3a327012d745be5460b16b2ad84a14

    SHA1

    4d2ba2c84274a0b849205ae02126b2b4f20081d9

    SHA256

    ce02f3c64f276f89f05554bd0e91388b26e2107c5c7c658c7a09a2f0937156fa

    SHA512

    13af8edd9dcd9878e4fcc33d375718cd340861098cf0f519139891d9709b733167ce4ee39ef9a9527e732a4d32376b537a65b3c307b1008a60e565697b3a1b74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    280cab7fc1b70fc1f9f56b2c7d713b00

    SHA1

    4e96a5e7612eb27f55cc077d593aeada8d2de5e2

    SHA256

    656a0cf77af0d873f59010927e5cb74880f7a02722847086ec4bb53b1c48e9a1

    SHA512

    87d5bd57b65dcaa2f3fc4ff4a5b2040b1bf5540b2a28affd479d8348469896bcba8ad60a8d2b856bcfe96603a48c0ff44fda26f10361bc8520736e74a4eca5ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\F12\debugger\settings.json
    Filesize

    3B

    MD5

    ecaa88f7fa0bf610a5a26cf545dcd3aa

    SHA1

    57218c316b6921e2cd61027a2387edc31a2d9471

    SHA256

    f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5

    SHA512

    37c783b80b1d458b89e712c2dfe2777050eff0aefc9f6d8beedee77807d9aeb2e27d14815cf4f0229b1d36c186bb5f2b5ef55e632b108cc41e9fb964c39b42a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat
    Filesize

    17KB

    MD5

    48092474c3ceb8f23aaa39f6e1b61810

    SHA1

    c318b5992ebe9e97124877b419c29ee1e44aa2fc

    SHA256

    4dc24eb409aa1be3b3e0fd7351a6ed71099224924fdc8107a718430b8ea3aea8

    SHA512

    09412bbdd68315f25ca1960a14acd38492d41d6d37db6749cd90357aa9f6f34fab031c16df2ed733c949c214810ed14a58611bd881d94a6bc8a3ef939719b38c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\QZ4PPIJF.htm
    Filesize

    826B

    MD5

    20fe66d3cdb77583eba3196c7c699849

    SHA1

    9ee15e98371fe90c71deec80ea1f107938212883

    SHA256

    6f7c9fa42fd74b50fd54bffa36d548152cb409a46c0da8099ed9cb4772cc4957

    SHA512

    b746dab1e02ea9e7b4aa7c54a718134cf19fca9bdac9bc03595e64839a94a85e6a386c21b00e4b5e2494e041a864159c22881e1852af6ecde22f1056757fde34

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\base64[1]
    Filesize

    1KB

    MD5

    50cb209b992f235690ef57a156f9811d

    SHA1

    e8ab821e0db663f3ad4c7277c618c3f3fd5607d8

    SHA256

    34e52fc67bc91cd7b1cace0879c30cd72b7f890b6b94348accac9161e2618587

    SHA512

    2a00c8fc3cdc4bfd9ca6d6a4bb99ccc314e22ac01b009cf924cf76472d132eb0be3155300f3529cb7ce7b75a6bc904416904a6b71ecf07609592d70b826723f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\workerMessaging[2]
    Filesize

    1KB

    MD5

    e4fd7babe452d7ad9be4a435bb2d96c3

    SHA1

    e367f3c66def8689e224dcf97f7e599c5238d03c

    SHA256

    0b16bd70942795ff5f8c2294e7fc983ef0d5e159e2bf5bd825b41a55e565cbd0

    SHA512

    cacb16cad550eb303555676b3314bfd41b0c960bd58ac3f5f202872df29c30ebcde37e5cfbaf12ce699a8f3acfcbd13306d777f8f4a0cc0f10c6db18ea5b0bcb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\app.ecbbaa23[1].css
    Filesize

    346KB

    MD5

    c4b39df6002165533e599a8f876f35d3

    SHA1

    795965fefc9e4cb71cc0fc227835c022d1ebc238

    SHA256

    ac71a875b6ad9e05e3159160f1df2d82ca767c7bedf29fff3d15ae6ade4b5286

    SHA512

    4e49fd2bb18141ab7e217063fdb181bd9513c5d761a5b9112be410f3ad919aab83c30cbad63c3cbe134e1f7f6e9b7d3e4e0ff15ed520172941b1fb18b0416d6f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\app.ecbbaa23[1].css
    Filesize

    346KB

    MD5

    c4b39df6002165533e599a8f876f35d3

    SHA1

    795965fefc9e4cb71cc0fc227835c022d1ebc238

    SHA256

    ac71a875b6ad9e05e3159160f1df2d82ca767c7bedf29fff3d15ae6ade4b5286

    SHA512

    4e49fd2bb18141ab7e217063fdb181bd9513c5d761a5b9112be410f3ad919aab83c30cbad63c3cbe134e1f7f6e9b7d3e4e0ff15ed520172941b1fb18b0416d6f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\chunk-vendors.a64b9bc1[1].js
    Filesize

    280KB

    MD5

    6ab965b5b432c2604f12551e9e9ccd34

    SHA1

    da66467d0c61a401dda93a129dd13b4dd4faf1cc

    SHA256

    49671c658272b6a74afd68b2efe9da7b2b3ef62c7cd8c49a936ed09173bf39f5

    SHA512

    4a407e424a52f9c6328a437681d358f716b6600a1c8ca7d9faac575e62ff5dc78578f629092aa6480828e29eadd9f39ce51c8b494f69d114772a1aeda0d37303

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\chunk-vendors.a64b9bc1[1].js
    Filesize

    280KB

    MD5

    6ab965b5b432c2604f12551e9e9ccd34

    SHA1

    da66467d0c61a401dda93a129dd13b4dd4faf1cc

    SHA256

    49671c658272b6a74afd68b2efe9da7b2b3ef62c7cd8c49a936ed09173bf39f5

    SHA512

    4a407e424a52f9c6328a437681d358f716b6600a1c8ca7d9faac575e62ff5dc78578f629092aa6480828e29eadd9f39ce51c8b494f69d114772a1aeda0d37303

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\controls[1]
    Filesize

    22KB

    MD5

    cf6ae18a4a5a48e497570557391d7920

    SHA1

    ad9ce2ad74fd0bcd5fa998cff895168ada13a1cc

    SHA256

    993700d10307ac3485ea71e01c49dd2abae6360a5f1406e03e91c7a6532fc591

    SHA512

    43e9e37f8de63d2131e3159471a8a7765a08a4efbbd1505a1fb1dce4a85ca2e7e1391a241b2e01509f69b5ffb183ab488d20341a5baace00cfd8d753d3955e8f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\sourcemapMappings[1]
    Filesize

    2KB

    MD5

    7e025b9d8b8d44b2bb72855098b71b16

    SHA1

    6fe2613d4242611b5fda34348a1ae97d0c80d362

    SHA256

    fd5338a0ecf511026cb303e4f3a20394fadc0d72cf176eb127d93fc25b94935a

    SHA512

    d1f338254621fd97eae145194681c190a1b461f3401c1327453d766139db0b2fa8249a8188618c2d39183928b0b29cf7ccb10a18eac2a35648c48b6a036b6afd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\sourcemapParser[2]
    Filesize

    2KB

    MD5

    df5fa60cced75de9790e1e1a7a89ce7b

    SHA1

    b7f4f2f30ee08712a47813f61613f25a4275fd12

    SHA256

    3300caad05e8874e36d519fe65e1a7b82bb6e3dbd99f413fe2b6edef086db091

    SHA512

    728467e5d45349b6ea857f270e6024620cf70ceed90110b02bcfffb2a720525e679400b4fdb72720b849ef2e985cfa94bf9a9f7ef188df41aa04bdfe6359009d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\CommonMerged[2]
    Filesize

    572KB

    MD5

    9ef197a076681c3d4c5e7a1e07cf15f5

    SHA1

    350d4ad02899f3838e4ce3bca3a13deb496c5509

    SHA256

    a24521823149886e4ebb47b4c8bdb7859985683ec302aaf941872b8d2852bebb

    SHA512

    6ca063a22f226421c8c901e659a38180f5198a12af7a8d380d74de1e2fcfb5bfb892cda88770729a2367f2b23e5a1bfc34cede0fade20c4dc13e0391fbd41cc3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\app.50e9fc0a[1].js
    Filesize

    335KB

    MD5

    218d3fe36e951eac658e1f9a44254a2a

    SHA1

    d0b6d73f7722c6f946f1ccf208c153d84272f0d0

    SHA256

    5de5be3aedcb9dbeac36b68ac1bd1a7025bea6b80c30e0c045a3fac262316f51

    SHA512

    ae651c868432df930ca2261eeaddb54b20e2933cfadd39022c3ec1b46d0ba8d78651db10aa20250642fda6a088be4c89153e3e64fbd56a319f76c03c463f881e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\app.50e9fc0a[1].js
    Filesize

    335KB

    MD5

    218d3fe36e951eac658e1f9a44254a2a

    SHA1

    d0b6d73f7722c6f946f1ccf208c153d84272f0d0

    SHA256

    5de5be3aedcb9dbeac36b68ac1bd1a7025bea6b80c30e0c045a3fac262316f51

    SHA512

    ae651c868432df930ca2261eeaddb54b20e2933cfadd39022c3ec1b46d0ba8d78651db10aa20250642fda6a088be4c89153e3e64fbd56a319f76c03c463f881e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\favicon[1].ico
    Filesize

    17KB

    MD5

    ca6619b86c2f6e6068b69ba3aaddb7e4

    SHA1

    c44a1bb9d14385334eb851fbb0afb19d961c1ee7

    SHA256

    17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09

    SHA512

    30f8f8618bfbcd57925411e6860a10b6ad9a60f2a6b08d35c870ea3f4cec4692596a937ff1457ceff5847d5da2b86ceba0200706625e28c56a2455e6a8c121d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\favicon[1].ico
    Filesize

    17KB

    MD5

    ca6619b86c2f6e6068b69ba3aaddb7e4

    SHA1

    c44a1bb9d14385334eb851fbb0afb19d961c1ee7

    SHA256

    17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09

    SHA512

    30f8f8618bfbcd57925411e6860a10b6ad9a60f2a6b08d35c870ea3f4cec4692596a937ff1457ceff5847d5da2b86ceba0200706625e28c56a2455e6a8c121d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\isDebugBuild[1]
    Filesize

    87B

    MD5

    70f25a5edce5e20d870ff1c98a5ec5f5

    SHA1

    5fe33de0c8cb6d65f794c4dff0bfd5bdb15a7073

    SHA256

    ae2cfc14f884e61f693b00ad0945f372face67b1fc49c6479502cefba3b82e9e

    SHA512

    e4db4b122bc436edaa2dc810dbe1b0d61a5115e01a05b8e4f0874e639781b517b70ba5a80e1df7176aa612917c05ea10c06fc8114a8caeb00b38b7b01f8dc34e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\plugin.f12[1]
    Filesize

    160KB

    MD5

    fdf4a73ffdab93e3a0422b9d2e252ca9

    SHA1

    c969911ecf2414e17fc16c1a15512bab79842d23

    SHA256

    26c3f906421451fb7a86d275288c9ea0bd6810959812edb6564e0c23f76702e0

    SHA512

    569c53094876dd65556a824416bfd0016764205ebf6e61c87529445d4c619860a086895a92f735089da501b96e5fb3361279f9731f5d46c56695133bf8318b6a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\plugin[2]
    Filesize

    411B

    MD5

    6f65b6608be4e65166d660fdc450fa60

    SHA1

    91862bd34ab08e3511b7b7f1e71baefd57c33016

    SHA256

    7c56cbab79bd396e31a1f2a0891e23aa7d49e7a87c3bfd6d7ca445a095d73b9d

    SHA512

    38fcbb1e3f5ac1fc959d7509b6b1930d6ee5e3284815ca13c2976501ca8f00fa0b5661d9ebb76e5800ca126b3d0564626015e45e7beb401ba42c99f4d6230e2e

    Download Submit