Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

h1dd3n.html

windows7-x64

1

h1dd3n.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    170s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    11/05/2023, 16:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    h1dd3n.html

  • Size

    5KB

  • MD5

    80c3c060dfad893bc2b6e2d3a8a212a2

  • SHA1

    c5020317ecb30b20e1b36a4a27d63b0bfd933ae4

  • SHA256

    d450bd634dcc6c7f9812047a2eafeb18ec28d5737913f324ec0ca6111fa15a97

  • SHA512

    9b9696f8bba6fdb2136caee8cb5b59ba46aa435664530709bfd7cc8d3f2e980141b320662a6b611de6f98c133e699f0e61c357fa94454aae9a963400d1760750

  • SSDEEP

    96:uOCWpTTkTKTdTCTRTETCT1hTfTKTmTwTdTFTNTvTXuTJTQTaTJTHTGTdTDTfVTkJ:uITTkTKTdTCTRTETCTrTfTKTmTwTdTF4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\h1dd3n.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:936
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:936 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:268

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5a59f2ffecd399032c85fde10b9960f3

    SHA1

    6e1fe4ffaab98c20a3f163458a849b720ee71290

    SHA256

    ca78ec32944806811efd10d96be9aa3cac4be20f8d880bda91082f1a56424221

    SHA512

    f895e6f2b975fce428cdecf617e0f8018d8526555bb6ecce6cd275296f9702426f7de30018f808be236b7cd9b9feae44379cd3fc7a80a0dd63c6ce9e63fc9d4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ea10da09a67c3f2ad3824cd54f704012

    SHA1

    a1c42399aac1670bacede76be727972f9706fecb

    SHA256

    908ef25e5671bf680159e8864ca1c78e5df1469763b826054aebebdfd9d0be9b

    SHA512

    f610b67ff31636ae58373d336b0f0671f6ffb1953cd990209d9766a47e0447a7c560850b5a2e1719bd083bddc0e98b056da585f0b85e38291988fff96db67117

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    52ed5a14ed8d6ffa2f7c0d2009c4d914

    SHA1

    42920a4ab9b566099e3673fbb7a94dd3cf5b6110

    SHA256

    118753ce42bf995fcbeba08544bc317017519948bc4db0cb2bfd1a92f6b29dc7

    SHA512

    b9f3c387a82685fae9efe39bfeea4bea1c76d2f16664801c6a957514a5e300328e705a9e4cab2657f65b8f96dcca685d93ffb87fffbb24be010ffc085ede4fd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9158c675e88508f1080336630c413480

    SHA1

    b11fe98ff3e5d441a5ecff6d4f741443d15f40e6

    SHA256

    d8f2c933b98769fba81dd8763a314207d1c96eda1a026b0a16bc4b39600ea8f0

    SHA512

    f668c7bfee9810f1be865094ec624943d729f2976464a6b6854ff83b6bdf23ff049b8513b9dce2196eb30f123359427be8fc7c42bf6113df4ce1230649cced54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5fc08fcecff3f48e9fce667470415146

    SHA1

    d2b0c329de57db37f66e4ef60163a233c4519dfe

    SHA256

    cc050a664e87be15dd81293f706f831b076a4b59962c006f7d41a939c3248337

    SHA512

    06ff9948c496f3dfe594387c8fb2271cf8299a62a0c062fcecc1d2ab2b73cce2133ec2761f90db47fe3fe5e48cab370c823935f09dfc1f4243751eb7d0b328e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7f250c091e16750ec33ce9e8d64a76e8

    SHA1

    bfc5875b8e454dcb330fc429f44c211c22597860

    SHA256

    0a120336e3a8d330f4300ea6f349366b8eab81a0c911e05aa30abd06a9e0f456

    SHA512

    4f7ba27ba5798fcb201dd37a6c0d748e5346cbb25a4dfaf444fa74b719457270de4bda73236cfb786cbba7d34d0ba9b564d675a1fa0dd0e5d6158099f0eae2b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3740f8742e3901f3ad88563936383597

    SHA1

    101f67fb1284ea0a88321a55bbc91eab73b3a178

    SHA256

    8f2ee17c9fcc852282f91f94b232b15d42a208398fdddc8ef3d45bc6c133ef80

    SHA512

    b40044eb4ab41c58a91e2dad3a359a05a85d6d83ec9ea3c90fe8fa3878186fbba2fba8a28978f5c78e1bb458fa8efd7f74861a1a91fc0f0d0266c11809c10f9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6136.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9F43.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB432.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\DOOORC9T.txt
    Filesize

    598B

    MD5

    edf2a2d69cea0a489a218732ace83c23

    SHA1

    efb9de25f36c2e07bae2272cd88503af8fd2ce1c

    SHA256

    ec8aa2a950ef6687a1de8fe8ada6a26f04d8d6293e81220d1ff5b7c91cd65086

    SHA512

    ece7f292688d30c0be6b604c18df9032af28533ace72a7828cede160f17ff54320eed288a11eab3d3cfa92c394671b35c37f1c6d271100a3b377282fd22cc8fa

    Download Submit