Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://ctldl.windows...

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/05/2023, 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://ctldl.windowsupdate.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://ctldl.windowsupdate.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1304 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1400

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    1KB

    MD5

    841785fa29e2c9c554cfde87bcbda6b7

    SHA1

    dcfd3c07636dbcea62a23e20d60e268e476a24c9

    SHA256

    4f072540751d954745f9db3db8ddb93c122a52700fe4bc5ecb977c2c48c52562

    SHA512

    e9ff84cd3b073e01cd68e70c5e5e9b99f062b552e9641f21c3273497526d158f88baff8a3b08098bb65c353c3f2af8acd8cb3d14079f853ea1bedd655178fb6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    bd71617256882953841a8337a4dd5d5c

    SHA1

    d9b47492fafc72a5fbca10c56229fe6a2757331a

    SHA256

    8f2693e8b656256ad2faa63c3421eb6f1a4e278d2e2e3cc97d5acd5642f97ba2

    SHA512

    2d40d636e04523d2095e6896f24a911c523d581b93d486af41275b3b6dc94e05bf5e4de8e2c8479886e4c3f2ff87215fd25c028846ba5a868258875dcca3fa2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    446B

    MD5

    2b7a66501ad88e638a7022b5358ba0e4

    SHA1

    d859c655d0f4d0899b14b774c57eaf820d7a3eeb

    SHA256

    ca469a9cf0c140dc5c2bffbd3583b236fbaefc71ac387a3be780e70566a19b49

    SHA512

    97513d865fe0c394253d2e1464bd554f252375fcffb0287139f8fe21fd5a9b09da3c8420b20f45c76fced90dca47d9e7f35eb5ffd5766df7ae96e80ddc01556d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    d7127b300aafad2bb9784d14cea15efe

    SHA1

    368639db4c1e55c32b1560996b775fb698c3e85a

    SHA256

    d5c8d20d1f76815b601915bb5cebf34d4f7d91a4ff603d06ec80824e60c54a53

    SHA512

    d0c6f20aa531d9892fe683fad6016d1b92e396ddb7133c14d976f943b86108974fda46266b317852edb98cec111630affc8ccdf97f08930812f88ed0fb00f602

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\ZX2TY5UZ\support.microsoft[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    771B

    MD5

    2a9bf68632a3608b2ded082dc4474ae4

    SHA1

    2d1362c42b9ff5ace4516b054eca8b715b8fa7df

    SHA256

    839fa1db9c506dd383ca265428322e9316f988ff1de82146bae0f8e0c0e94780

    SHA512

    4860464f1ed6ddfcb3e42e97c894455057819fd535b7c768afbd22e55ae71e993f6cd7cf161c448435cd297f9149100581966600edd3bd23ae16656564a88fea

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\favicon-32x32[1].png
    Filesize

    631B

    MD5

    fb2ed9313c602f40b7a2762acc15ff89

    SHA1

    8a390d07a8401d40cbc1a16d873911fa4cb463f5

    SHA256

    b241d02fab4b17291af37993eb249f9303eb5897610abafac4c9f6aa6a878369

    SHA512

    9cbcf5c7b8409494f6d543434ecaff42de8a2d0632a17931062d7d1cc130d43e61162eedb0965b545e65e0687ded4d4b51e29631568af34b157a7d02a3852508

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\OffSMDL2.4.50[1].woff
    Filesize

    43KB

    MD5

    4c6c928daf19e2a06faf12bd2f002d2e

    SHA1

    027d4709db809d9e9b2627b74a152aec29066ee8

    SHA256

    2c9728c235211d8956826af42d99936b409536e6027e9162835731d5b005d462

    SHA512

    62445364d9696d1ffa4bacb49b6d04d4d2415d3145b628885d48348c233a11fa336c5de8133564c541d73152950b33a3661f190d3f86a326ceff13cb0d52005e

    Download Submit