Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Sign Contr...7.html

windows7-x64

1

Sign Contr...7.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    04/05/2023, 14:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sign Contract Waiver a.turca967.html

  • Size

    763KB

  • MD5

    ebd82c3c202ad2aa2c19ae3200b19afa

  • SHA1

    c18d16e9624b56dc37ea108394a02492a4aa752d

  • SHA256

    9ebc4b07cc398d1621173142152477d0f388041a83348f985ce9ac537b693c19

  • SHA512

    f55aa87f81c8a11bf081fc6a62c74d17f9d8cc66dd63a4e4b972ab25df7bee8cf5060e905776d6678d4be4d603c183c6a4dc49cfc4d7cbd132b3b8bb76ca4d98

  • SSDEEP

    12288:TYrvVEkV9lAnCuQTUXUbD5AIeZ71trPoq5UGcOOwn1TGzsf:TYrvVEkVGCuQOUbFAPZRorEasf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Sign Contract Waiver a.turca967.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1312

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f98f6ab820c68103d8e3e8cc1279319

    SHA1

    1400bae3ece13ce8375bcfb8767d5b8303d4d19f

    SHA256

    438fed6152b090e255d9be75a4cc225682ea1b0db6d07bc1450434e1d6abf984

    SHA512

    13978adcd631580f49fb8d5db7a40b0ec35f7e77afdd1e79a26c83909f70a7a767a3d2761928e8b6ad416e35f1443e216ad5406e271ce753d12d364296c77e3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    059cc829d105d1be5058117632ba4008

    SHA1

    3dcc7ebda75d9db4f6bd3dff3ff50f737436ba14

    SHA256

    1d03f6924538da2dc17c8e668534950ab22fc2c1b6d89c2a573e4fd257244877

    SHA512

    2512d8dfa3c47fd58b948978b731ec458ef1810add983032dd38f7669c0e6cf9f5a2f1c4bce0618bf40a92fcea6b955c882cd83400e66950eba74a88efe04890

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a11279f7b4b5105cd457fa9d456f97d

    SHA1

    1e7e440a4a5fdeb65e9a23c85a5df883e8967fcf

    SHA256

    9adba930aa0dfa7d302be028e431c3704bf10a2ebe3b9557bf66ae4e8729a462

    SHA512

    2af6e2a3f320e0e6edd9e5600b0667045e30eb82fbc0f67d06a7391945c3e8fbdb98d66190649aa34c54d2dbd785d2431709691373efee39f26b28e894f53bd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08b5d22d30f8c6cc9852233b80a739ed

    SHA1

    c6c11b1d461bf16dac5a22bb12cd687c9da298a9

    SHA256

    deb2257c5961c939c4ac0ac84323115424ec50f7f8be9f57f38c64ca00d1274f

    SHA512

    e71e5737e1b1dda42d05b57e5139dcd327354bf88b04bc879254e3334b6985a6d285f25a5e98cc9ba3d7afe764885e22d176acb43ace848102bf1f7715c6a534

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb5a3c2444190c0d781f699f118f7b43

    SHA1

    a7690c7128476253d01694b1f761ce7060f4081a

    SHA256

    e4754d2ddfe11fae509f1910632350b2e76656438e7543fc94ebc09c3f8f05b2

    SHA512

    bea6854b5264e83dd75524b2848b6de0d416b99d2cc551dcfc39efb990cf4dc9332e4bc2528da0bb42ef8f97048b4d24bc47e2b55ebf5c0c8fe551f2700767d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65f70230138572fb39b5851c22282c6a

    SHA1

    9e1cf7700b28de1cc49ebad183d7efc42fb8320f

    SHA256

    27effb227370836cb2378907e41fbb8489060e4ae18b09ea49a47928f3be4d8b

    SHA512

    2106421d327798dd110669629e4e42d7ab3b797f6eb289b52aefde6ee24d1afffa8eff0fdbaab380e8744d28a49cc926236220a1871c7eb8dde84435a550daae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98a505a9bbd3d947c2af6f8b43040153

    SHA1

    8bd8c3747f346c1e863b653968417d9b2b6ceb5e

    SHA256

    91beb7f47cf8dfde89f0cb8d0de0fd9a9576b314d2f07068b59ca19f2b7c43ab

    SHA512

    c6613df9e56698bcfcf77315dca4a0d4d89b03268a179d25ccd1c3e2ab78782f44590a5cb29514c83deefc61d89aee672b206df2cb269079633f86c6795b44d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1e1946cbfe0cd8a64eb2649838c86a0

    SHA1

    a75d057aae8f6394442aca852de0b74a2ad1e767

    SHA256

    880c866aa39e04f7ddcd37cac5a4815ee4fd312f9508374ee3e4145c4f7d7099

    SHA512

    ed696380261d9f521955146c64b5a56363d2d7f4c250691aa25993b0d5916576fd2aaac5274eefb10675d171862ce55b3b94af65ee57105ac3ea3687adfc0c67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c43b5ef6698e5ee1a15d88506ee2e860

    SHA1

    f22406609a75c938f0b1a4fe0127ed451fd3834a

    SHA256

    4b2b9e9c84e0632d0cfa676a872d8d784189678eec2a4351ccf26c0c16ffa57a

    SHA512

    690aacefc29830209ba72811c8150766765e9ef5892589875d31484875f20a169e8d777bbaac28915e2dd3712a65e23ee715f7e9e4475f3140c7bdff6f21e368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    584a55b80e0503283486656a74f417ba

    SHA1

    b7121ec78a33dfa5b8ccc2adeddddfe82f74b7bb

    SHA256

    4412cd8166fb2bed2a0df7e206dedb8c819099235f18aa40322b0f61c74521f7

    SHA512

    e22d32b1c84df6b16b0e6b5ee61f3d6776de8fab6e8ed20c9571da1738d9571f420037f01ea21d7ab193fdde11d3022f4f719a162c5680f117d43027ed5dbcd6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZTPJYNO\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1F25.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2269.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\21CDRJ6K.txt
    Filesize

    603B

    MD5

    24984e7f025a6186ca90a33eab192957

    SHA1

    5c82c386c626044ea99322b45ff6af9e7c8f7173

    SHA256

    77ae2929abab286c36514b4a13de15e24cfc9ce3f84eb41c184d02ea8934dcd8

    SHA512

    14ceb47c02626643b8ad0262a6b50d4d8a9fdf36c1f669d1bf157e7f250ea526db76592a211ce0b5c4c34e07d3a9cc79da676490d9f0dfe153cdd6a61c4c1be6

    Download Submit