Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

identifier.html

windows7-x64

1

identifier.html

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13/05/2023, 03:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    identifier.html

  • Size

    156KB

  • MD5

    644dbdc5626b9af503a22f789957ea69

  • SHA1

    25da6d1715d11d3bbbf1424c8a51df3428674ee4

  • SHA256

    6351f42a07466644eb2d4866cfadb220817746077f063badbc2fe254db5a1587

  • SHA512

    e985a9b6c26294b3841f89e8c65f850a127e425da2b00eefbf89002e6d56aa054d0b755b8d77997f60d66f07397784ab3036e5d80f49493dd6ee1e542de50772

  • SSDEEP

    3072:6fqdUPcDlmZmPyf//JgYFkfKZGEwj64YrCi:6fkULZmKX/ZKfP6HX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\identifier.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1688

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f118eb515877b5f6447f1760085ef23c

    SHA1

    fc5b6ccfbe20518f61616064cd8f30f211ef5900

    SHA256

    54d79206b5e4f7e96cb6eb5815878f1d053826a09690fd104d7d353e15de8800

    SHA512

    ba3e30fb64306567da43195d0558d76188da6d98df1542102c216a1e3d0b13fdff4b823577eb7bc633d4177fa666ea07594d059cdc3cf6065b5f86a48d8c5ede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9260bc3d47ef051fbffa72d9f3b48565

    SHA1

    671de0548174448cc81911ebf9e4e0db1260e837

    SHA256

    b820ce6b26bf8972fc2eae696507310c91b501093e85a47474f17b83c3d2bad0

    SHA512

    f34d9c382fec06e30d0db691d3835d5d8faa7b1125d1b8c9663d34beef5475af9cf3cf76e30824595fca10110c005738abead3f096f2530dbb76b1ca9a8d004a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dc1e699b5b43fe44614998b32856d99b

    SHA1

    37d01288eab34e04b9ffd682bbf057db0dce213e

    SHA256

    a33a5181b1befef24931243e425bb8a083b37886f54d557f7e869ef48ad6f237

    SHA512

    5c35c4a1c705cf9eb230e198aa3e7a1096affd93d2fa83dc9651894472c154bb0e081827b894a52a418dd3eb7fc257dad1b5d47bfc814731c6b1fa7e3acf9095

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bbacf71e7af85fc7fd8305ab539cb8c8

    SHA1

    5cc0d8d8ba665b947a83978dffb5238adf28d61a

    SHA256

    1b3841cfb15f144b4845e32df5c437ce41d4b1eb35d1dc89306ba3025d92230b

    SHA512

    4080c15b6185e38e5d1ce07828e0524682f43c7f1cfeafb0d31abe3c3b1f730d552c3bfde7babe516c16feb864aa816f3042f2b4e778bdcbad83490bff249db3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c6cfb7e1ab32e11d6cdc2ac1196c3102

    SHA1

    796bf825461e9efa72eeb36d0ed1ad76aa9f19b1

    SHA256

    3a276e419da7821f93e65175b85f22f6f4ab0b0cabe0da105349bf963735c6d3

    SHA512

    6bff20f0d3fa81e63d04b156249e2ee6a24763cff0a89e636d817122abce505cf0da13935714e8d735ddd07ca9b3e9c8a0690cdcb5165a1f91a808692c92e154

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    872ffe94fd8d1d8abb8eb0e9a3170f03

    SHA1

    2fa21a2cd6e1c6ac40ef0dbc90dfb154111267e7

    SHA256

    1cb71d96868faa98a95c692442a84eee0baaf7830cb22ac9c8a9d48c225ddd4c

    SHA512

    b26508cf992b7ec8beab05b5e803dedc155efb81ad6b0ef80dc38f0ddc22479956db2ce4e2e29e07c4ae6c6b96c601035f9cbd50f5eef8a4cdc1ffa29aaf3228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    872ffe94fd8d1d8abb8eb0e9a3170f03

    SHA1

    2fa21a2cd6e1c6ac40ef0dbc90dfb154111267e7

    SHA256

    1cb71d96868faa98a95c692442a84eee0baaf7830cb22ac9c8a9d48c225ddd4c

    SHA512

    b26508cf992b7ec8beab05b5e803dedc155efb81ad6b0ef80dc38f0ddc22479956db2ce4e2e29e07c4ae6c6b96c601035f9cbd50f5eef8a4cdc1ffa29aaf3228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4017da2386290c74cf37ddde0ec6d337

    SHA1

    83ad20fed28edb229e1c53c2ece31bfd252f31e5

    SHA256

    483328f128745b3478583ad558d3d4439ed310e82e0600cf3e03819b20f687ac

    SHA512

    47d13126d2e9e9f18a90bcf76ccb3e1d895e83be3ca5e52c0deeadf9fa4866affed262785c12cd24b86094cc3f93a3d9a4462aa4596edd4adb33c2340ab6831b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e10adfc1a149a41fd0fd94d75eeb9f02

    SHA1

    cb9a09a58603f010e0ac3a39900a022f423cc0b6

    SHA256

    673998fedfb72cf76c970b72cf53435c3a64d51dd95b54e30f5593022f07e524

    SHA512

    b3642c562b002871bed05dc7645445d7f323d95e643782d1384d8b625480c87b0a61c1343612b215af248dd9c8ca3ba7e679c4bdc8783117b7007eae9963af94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c2088d83ce4ac128438d7330088b17d0

    SHA1

    79980d4b461b3e06a9c9e422ea8e9e6639e21d87

    SHA256

    e864276f0ab1cadc499e941aacaf84a42c0b98fa6515f9d83eab432f5c8fa21a

    SHA512

    61ac3d4b7f45e8abb116c01342dbd40c47a5d0db6d20ac05bab982ef4955db71f30b4544dcd2da445ce2e1362957df69775a1c3b64a751f44f27891e3cb42c64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    84e1c5f1b8cd13d08dae91689f690916

    SHA1

    edc202969b267da3596c32ef4f7cd0076dc64ddc

    SHA256

    8e709fea8145ed211b2ad662ced9d5fcee3de46987084486a0d2ca53c0018c76

    SHA512

    21bf24f0758975959c4eab09b1090d2cecb65531373571cce3301ad71fa4982e9d764d000ae4a9933bdeb3616e2821db0f7f7e404986ad4f31cc03e1a9c77608

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    e0610f616ccafc6e91bd6b4eb752d214

    SHA1

    0f50a86ce593eec73e25fbf503bf6aa1836dc7cb

    SHA256

    bf321102718d8619ac0784ef71fdb5fe1fab2c198935f9b2639af623c21e4fa6

    SHA512

    4a4386689f53e3e9b882b3c89a935ebbd3f578349bb37cc715634b606338f1b1f6ab2b78225621b3818aa715d6bd59fd2fdc640f5ec189321b380a44ac3c9f64

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BJWXLGAS\bscframe[1].htm
    Filesize

    15B

    MD5

    fe364450e1391215f596d043488f989f

    SHA1

    d1848aa7b5cfd853609db178070771ad67d351e9

    SHA256

    c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

    SHA512

    2b11cd287b8fae7a046f160bee092e22c6db19d38b17888aed6f98f5c3e936a46766fb1e947ecc0cc5964548474b7866eb60a71587a04f1af8f816df8afa221e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T22XS5WA\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab673D.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar675E.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6949.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0D2NT2QH.txt
    Filesize

    607B

    MD5

    c6ebf64f3565935e805ea58c5df5c73f

    SHA1

    2c701dc904a501df193b5b1568945f425dc5d982

    SHA256

    53988c5d93f99ec3a369395efcd905771f6fda17a2f1d8915e514d576dbdcd0c

    SHA512

    20c3bcd330d1a457dee85a5f6528477f7bf46d809a53537fe715d162fe3b61825c1d8f357e4253516a869992742fd79d735d18cb6b4dc8a357d82bf2cb10024b

    Download Submit