Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

NFe-XML72773657.htm

windows7-x64

1

NFe-XML72773657.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    02/05/2023, 17:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NFe-XML72773657.htm

  • Size

    592B

  • MD5

    9bbebf4e94f091a60c248121be37cd2e

  • SHA1

    a7918ed7d0c6d85241716092167c78b397eb5cb5

  • SHA256

    543083c0ce812653409f437b7c653de09338681e5de01b9889cdb2457a557bd5

  • SHA512

    e709c7605c6ab7f5dcc0bca628176610ec227b735b0e53cee047bf17977baaf48871ed0303f05535ea58c6af5ca9b5e627f2b7ec1d456da05e35d08579900b81

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\NFe-XML72773657.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1760 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:268
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1964

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      62KB

      MD5

      3ac860860707baaf32469fa7cc7c0192

      SHA1

      c33c2acdaba0e6fa41fd2f00f186804722477639

      SHA256

      d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

      SHA512

      d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8377e4a4d4080367867ab2da1e7a6a0d

      SHA1

      8865fa077ae99c501a7ad5620df790d581fcc752

      SHA256

      07e098b10648d475f2696aa3ce39e7728758cd152238567c2da7d3779a532f3a

      SHA512

      8f681bdacd6e463eaed40088bb291bbde8276c65036e1f8a858af20ee937a702aec92a4b648c3890501a3e362b7a205683a5a2ca7bfd6348a7970d370f4ac937

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      586834c48c921e1c9cdd5491620c6d3b

      SHA1

      61fc121494fa876944bd5439e51098d179fa87f2

      SHA256

      9b72928fb8be9ed2f96b86c1948b183b16c4aeb9bedd62ad93ced5ad3f52d2fc

      SHA512

      642bc1ed85b82249c7c03a97d95d4c4bbb997585e00b0ab90bdb21bbf7e3dad0bdc9b81afbb8dbae2ce2ebb3edb9d228e4080e91c2b4e4041d3ca18fb2b3aca1

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      42316b5d33d5ddea85fa71f143a10460

      SHA1

      33932951d321f3d809d63e1becb10a938c45ae01

      SHA256

      2ef814b8d2acc74244d21b5459e8928058248eb31e1fdb44737f1c5e9e7f55b1

      SHA512

      84c5f0fa7f4d35368115185900fbe7462e4aa77b940894e57c56f776d6dbf27890051002cd8b74050a3ade49765189cf58ad1a3754d8dc74aaf1a944d7e2b53f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      014214bc206de1aa152b3390497ba864

      SHA1

      dc64d2d2f4be3ccc7ff07d6f12c8ec0b377eed89

      SHA256

      7e3ecf301b0151842031c7197158338d0327c7ab47cb60bfa664ebf3ad388de6

      SHA512

      8c319bdc62f4eef54cc21f451ba23acf5d2784b6ef6fee6e9f1f90a70d933e64d806ee4603bb96a74a67224ed458fda34bba6e426daa66098ebfdd942c531f9a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      6063a8f09ef0f162741fb0a64399daf3

      SHA1

      8c7253a0101b8b88ef3ac568618d40b059a82bb2

      SHA256

      b62f9a3c485f18d56f4e527b478a136c3a45c6ec1fc75653f310deccd0305921

      SHA512

      b582da4ae4dae7c61e5a7077b50be26e36d8e0bc3861f9b7b1d04e8000777609843c357b6c2a4f2e69aa3bfeaad0071f0bd0df8678f65a78ba02055c16e1c0d0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8b40ac05b73d8fca0eb64e64d1447ee4

      SHA1

      e70c5f0cb48d75cfb22ea1c559f9a3f3457f836b

      SHA256

      8701cd7967ae6f6209aa9caf5a540f002ffb9e6e4c67804de40fe28346178b90

      SHA512

      da5c13a90d55d06f1e34eba2dce68a99ca0f9120b42b1a2478240e1acbfcaafd1717e317b5359b6f18dfa749935dc20dcaa7e8a4c5dd0a414ab6f0fdb489cca1

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      e30c49e18eed2c393a906e6d63e31b86

      SHA1

      b5935bf2ccd85d9ed9f438e23d12ea0548b44a73

      SHA256

      12a28c7e388d4c4cd89f6a1b48dc9414259abbc9c531104623197c1981100dd1

      SHA512

      6a86d70d4f5a31ea6fe9c83da732599d00af50f0912a42b8ea370501165e82969ee8e3e1d52c3c42f481f45d2b461cc8615d1dc57f099de14ab5055fcec2d5a1

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3ba9b559ac9f32745b1ac9f33b8dfaf8

      SHA1

      cedab3f97afc73fc57c09ea8ca8ef77799e446f8

      SHA256

      ad4326a763306dd9b9aa945594aaed6abf6bcb86130e8851a76cfd23757bbdf2

      SHA512

      075db893695c05c19b765946c9548d18481908233b64c1a5098d65da4c6a2bbda6e5a0a27ae12683d233578ad12cb34b6758c2ba8c0ba77fe66da1d27b2ab103

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TF0W5LQL\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab4A0F.tmp
      Filesize

      61KB

      MD5

      fc4666cbca561e864e7fdf883a9e6661

      SHA1

      2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

      SHA256

      10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

      SHA512

      c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar4B5D.tmp
      Filesize

      164KB

      MD5

      4ff65ad929cd9a367680e0e5b1c08166

      SHA1

      c0af0d4396bd1f15c45f39d3b849ba444233b3a2

      SHA256

      c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

      SHA512

      f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\1GAJLHUZ.txt
      Filesize

      601B

      MD5

      312e60ebaa95f3baf1417cd020771679

      SHA1

      41b99a0feac72c9339da9a0d731e05a84e3d7a31

      SHA256

      03c072a9cd9c0b55f4b6f7bc85b63c626b26fb812b65e64534ea1c25d222b236

      SHA512

      ef6bce7d9beeca516cef6128d1f7bb6a7b81dae9aad1ec4f3e7a3841b01bf00974e2cc1269c937f2160cf911683f1734bd1f5715d0811f7a94065668345a2a54

      Download Submit