Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    127s
  • max time network
    171s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/05/2023, 03:17

General

  • Target

    META-INF/links.xml

  • Size

    53B

  • MD5

    bac13fd9a0bd005cfd344275fb7d0066

  • SHA1

    c79751e25a6c608006fb75421d21f8382430ab04

  • SHA256

    82fa176d3135d85af874dbf34339848dd8f82fc0bccbfb3d20f1ffd1bb07641a

  • SHA512

    bcfd73174c3ee2d37b36848c7331bcea8e9977530d3055b3298b186e4cf8c684f27060bb7d881440df81a61e748c7d72c05ade982d8e6b2b2f2a33eac2b703bc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\META-INF\links.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1996
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1112
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1112 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:112

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    62KB

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BYN4WSI\suggestions[1].en-US

    Filesize

    17KB

  • C:\Users\Admin\AppData\Local\Temp\Cab1A19.tmp

    Filesize

    61KB

  • C:\Users\Admin\AppData\Local\Temp\Tar1BA7.tmp

    Filesize

    164KB

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\L428PLGF.txt

    Filesize

    604B