Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

PO#098484OBZ.XLS.html

windows7-x64

1

PO#098484OBZ.XLS.html

windows10-2004-x64

1

Analysis

  • max time kernel
    106s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2023, 18:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PO#098484OBZ.XLS.html

  • Size

    345KB

  • MD5

    67db735b4cc8bb38d08eeec8625e0127

  • SHA1

    8e7a12c8d1762323a172536945ec88a8f413d8ab

  • SHA256

    6270e3df2d4d5ae64762d7ba6b6b1c0ee8e6d0c1577edb02aa1ad4ef156e4948

  • SHA512

    26369978c190e2fef107f39e42f182847c62141b9d264779938be8080030518f47aa8b17a8dcb0059dde9728641e5d56a1129c7479149685ad037555f0a228e3

  • SSDEEP

    6144:76XqfxJBtatevHpPEdVdrEP/h+2U/TcBhIBJM95mSpIV8BAcVa:7NxJ3atex2VdrERa/IMBJMuKIV8ecVa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PO#098484OBZ.XLS.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:308 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1772

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4700bce281e1a35d00b4630cb9f0839

    SHA1

    892ee81376b5fbcb03eebdf28ebaecea57aa1a6d

    SHA256

    9e4e2dd3ace633b0a707dd849a6074d596f4602b857a1779975bd905f5640e7e

    SHA512

    a5614a1519a013077f53636409d79744f854c1f2c23f4e1e92584ecc61de8e590661a20d1e761896ea449006513977044a248f9895730b4689086915ff641916

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b2c0ce25bfa3873a4b7af066c8e13b2

    SHA1

    36832d29bbf04db8cc043a5e5ecf9f375f9c58ce

    SHA256

    067174f68a98f16e07f9ade18c6146655ff8e308c5d330e53eeaf9d22f8c7c40

    SHA512

    b362fbec0a765dfbdc008b8b500e39abf317b01b4419d039d4f79192cde43213a574cf6168575fe16df7ec80253173e4f56386e4525a07812eacc290935ad367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fd55cf29ab104224e8d3cae554b8f22

    SHA1

    9e61e0724ab8469cabf0874e587a65f8d664bb8f

    SHA256

    8964c928a4d42ef7097c8142392c7451da7885580ad9d0952f03743b8b1d7bca

    SHA512

    f66e27986387e2638936193977bd5acd187159426ac322ec00604664af0c2e6d39e74a3fc58615c13654da52251fd3033dc4afe39eb05aa5ce667b7dc3bb15e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb2b05042d11c31de865fb2f698e6ada

    SHA1

    5d50dfa95a29741a19edac92c48ec55c922be168

    SHA256

    51c85a0eb431082d02210be3d09e09d7d9aec3e0ceeeb512a8729037aec0dc10

    SHA512

    2508b3aae0555c03b6ba0ea0fd82bc3a7eca0c74e9dd1f520512d49bf38d4abac074479af702a5bb3b24273270137fc38510f512de8536ce84329dee910a676e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4bcb92b822c7b195968dbb8bf61f0e18

    SHA1

    bb8bdeb184c637d446e5a56b37eca726cf9cf0e5

    SHA256

    97ea0993b25080770e5cac478d4a7318c88f498db80d85574d0dbf88f827531e

    SHA512

    49de47f605f3fccd65a910805209925097a042f390ee40a8eb3d3c8b7311d0ebefdc7f8bee7f46835b215d30eed4ebb1c0854fdf32b480edc70d289f4427c619

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8158d7699a08afd34aff8f2d6a0c0c5

    SHA1

    bdaff0be2cc481cf55ec128d7ee234ca5a0bc0e0

    SHA256

    16293f174828b406b823268d9cebfd67a90ece2596ff60e0030d153530233d6b

    SHA512

    4a3b896f1e82722086353605cb2591f17d007c22c71b2f1fb6ed299fb8e664dedac6e86e28bb4d60c5b6c086b5c0553f1f7496c5da42eff516d5441cef90270c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0829d1ceac97b5d473ffe17490ee56e

    SHA1

    8cc2e9579893c2a2e23ecafebe98e2409008799f

    SHA256

    c8f85dede91c6de642626740fdf28d430b5d7004ffe3fc2af8f221102e3fbe9a

    SHA512

    13fab0681c2b5a5e93849a99e3e598ecb18fe0a11f91c006d7df6b1b9b41d13ce08aaa9f2ca162a277c2b4f9c7fa4bdf5621cf44a5eeffdc79f318460833ccae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1bb4c1ee7585e230bb18076c3c17fd8

    SHA1

    bd914fec56d139dfd8714b5069428bb864d83026

    SHA256

    67006bbe9a9c98f405e02c59a129580a258749ac983784f7b338a379ade6ba87

    SHA512

    bc07f7cb6a6df7e868e26e35f00ed9f974fafd24c58874c5679dd73123959641a9d8adfaacaea9d440fc7d2d298c9726338268ae5d31ec94f65df3273224bbe0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb0351abe271875c041b445ccd9e941e

    SHA1

    a304376cd1910dd9dc5ceb5fd2d0c22a9b8e3602

    SHA256

    fea1a87abec4145ed2219eb0948065417ff003005d1e2b39c2ec62595830d595

    SHA512

    406251cac55e04ed66049be30851aee80f50d1dcc8f0a53c0ae0c48e7de4e5e32e711a58b588f65d1ea3bd15baef9fb1a22200142c8e732feaa9a150ea72d176

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f79e6b40b8b8fa20b9c88aa2789f6ec

    SHA1

    33cf57b30984cde09b6a46d57cc310560209bde0

    SHA256

    e191f25056912daffac83f5236ea3b72427849cbfd1fe086fd681c32a429ec26

    SHA512

    663a59a8820ed079362d9521f613c6ba5f0e36d5af9969a97884e8e7ed19f22d460f1be4ccbd410ae89f1755fb4fa6e1b20476568d35fadab47c961ea1123438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23c2d9747d3c9adbca3775b5f3adda1f

    SHA1

    8ae58a2330a7ef9b2f186e94b5df0980a76568eb

    SHA256

    67b6535facf390bd853bfa30d024da2276437bc42012714d63d3832a30b00719

    SHA512

    5156fa4031047670265afff5d8aff0d0b334f7b2ce126b913ac470c52cacb11d6642bd40e35248fff5d4a72697755193968860afac8119da5f4a61e2e3068db8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3C95.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3F4D.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\G49W5V0B.txt
    Filesize

    600B

    MD5

    3ae582dab26cbe313b93daefb9a5e684

    SHA1

    1385233a6be09928da2f6a8667821ff1cf093c0c

    SHA256

    6da7e306cfea1bdb01357c082474720d53cc9d09646b1b588ae7dabb07366933

    SHA512

    4b80ead56a0bfcb656de0bc66d56a17744a493f6483b9e08c3a480f9b3594066d6f6d57c1db61af158335711695b5f26bd94f92ebcfc6a995cc52193fc11c120

    Download Submit