Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

inst_resx.zip

windows7-x64

1

inst_resx.zip

windows10-2004-x64

1

jre/Welcome.html

windows7-x64

1

jre/Welcome.html

windows10-2004-x64

1

jre/bin/JA...32.dll

windows7-x64

1

jre/bin/JA...32.dll

windows10-2004-x64

1

jre/bin/JA...ge.dll

windows7-x64

1

jre/bin/JA...ge.dll

windows10-2004-x64

1

jre/bin/Ja...32.dll

windows7-x64

1

jre/bin/Ja...32.dll

windows10-2004-x64

1

jre/bin/Ja...ge.dll

windows7-x64

1

jre/bin/Ja...ge.dll

windows10-2004-x64

1

jre/bin/Wi...32.dll

windows7-x64

3

jre/bin/Wi...32.dll

windows10-2004-x64

3

jre/bin/Wi...ge.dll

windows7-x64

3

jre/bin/Wi...ge.dll

windows10-2004-x64

3

jre/bin/awt.dll

windows7-x64

1

jre/bin/awt.dll

windows10-2004-x64

1

jre/bin/bci.dll

windows7-x64

3

jre/bin/bci.dll

windows10-2004-x64

3

jre/bin/cl...vm.dll

windows7-x64

3

jre/bin/cl...vm.dll

windows10-2004-x64

3

jre/bin/dcpr.dll

windows7-x64

1

jre/bin/dcpr.dll

windows10-2004-x64

1

jre/bin/de...se.dll

windows7-x64

3

jre/bin/de...se.dll

windows10-2004-x64

3

jre/bin/deploy.dll

windows7-x64

3

jre/bin/deploy.dll

windows10-2004-x64

3

jre/bin/dt_shmem.dll

windows7-x64

3

jre/bin/dt_shmem.dll

windows10-2004-x64

3

jre/bin/dt_socket.dll

windows7-x64

1

jre/bin/dt_socket.dll

windows10-2004-x64

1

Resubmissions

19/05/2023, 16:23

230519-tv7aasef77 3

19/05/2023, 16:21

230519-tt1q5aef69 3

Analysis

  • max time kernel
    1616s
  • max time network
    1625s
  • platform
    windows7_x64
  • resource
    win7-20230220-es
  • resource tags

    arch:x64arch:x86image:win7-20230220-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    19/05/2023, 16:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre/Welcome.html

  • Size

    983B

  • MD5

    3cb773cb396842a7a43ad4868a23abe5

  • SHA1

    ace737f039535c817d867281190ca12f8b4d4b75

  • SHA256

    f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0

  • SHA512

    6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1520 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:796

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01f6b1c48408207072e10ee1d10ce540

    SHA1

    2ae43f00325ba58f940c0cef5ee5d64b4e4ea042

    SHA256

    81f00261825a7a56f1cb6f13547f7c9dab3f2c493e163fe17fac720add4b83fa

    SHA512

    11fd51c8cf668dcd5f4b34825e1225e40a49cd5ab6053c6bdc957bcc8e6ece0848005b44a5a38a4f5885971dc3b65557a86d2b9aa80063afca34546b225c513f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e9e5695f54a9e754dad042fe32c6902

    SHA1

    fd37f60042eb55b7e93f8b43d05a5973859965c4

    SHA256

    19c500780b4a753b04b5e33ae2bff210f79d7f9f5782f9a3b283888e86391a0d

    SHA512

    2114a64d986c15843dc933f4abb7d7d037c1822c4f45b70b6d1445bd2d597878b1cf50ba138115cc340381236a2b3b9aabc8d0835b477eacc927db53abb063f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df85f67850df7876d25a3907d954e4ed

    SHA1

    e0ed7e75d0371ebf07583dc6781699c731bdef8d

    SHA256

    e08d0f16fbc016b9119a70f1bf9b0adc4fb9f158f225ed9e208ed89fa84e5ade

    SHA512

    f6aaaeef225af35d9dc0b9d4ee2d1ed6ea110e5f83c0977fd597195e9b4021ec476efef26d931d880fede49d9dba8be1230da2c6f0a35589457bf7d81091267c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acdf984898dde6286d4520a2b1c41bb9

    SHA1

    62e86e41ba5da941b7249e1e560aa5095eddea9a

    SHA256

    92b10916b6b1e5330a47a5982d57f6e933d7be1062bf1771b1923e6746a1a4fd

    SHA512

    375035e4da256417956081de93c24058990d0ade7e5790840530dbd6ca0b076c9bc7b1c361790ef5ee5e4a25c94bd6a36414943e4fb78704fb0311d47178e859

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b2223e987876e3af9c4d024640c80be

    SHA1

    5f1153d66f39f2587ad57e3c0c300e037bae62c6

    SHA256

    5c7c62d6e728e1d3f2ab1a479d77948edfd2ae218357492508925d2c4abe1d42

    SHA512

    45a444e6060a657acbb4e4ce98e384acb99f7d001a39c7d548cf90511dc560385e514811b2325dfb4c8eb47b5f8015b7115e38fdaf6de237827b013741b0fea6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].es-ES
    Filesize

    18KB

    MD5

    e2749896090665aeb9b29bce1a591a75

    SHA1

    59e05283e04c6c0252d2b75d5141ba62d73e9df9

    SHA256

    d428ea8ca335c7cccf1e1564554d81b52fb5a1f20617aa99136cacf73354e0b7

    SHA512

    c750e9ccb30c45e2c4844df384ee9b02b81aa4c8e576197c0811910a63376a7d60e68f964dad858ff0e46a8fd0952ddaf19c8f79f3fd05cefd7dbf2c043d52c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9CA0.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9F47.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\4EE3EIHW.txt
    Filesize

    535B

    MD5

    89ca747de529466e29a705918adc1c64

    SHA1

    c0a3ed304955c721ad0c9813a7b39968f118fa79

    SHA256

    50c6c9bb6e628dcc9195c3a907933026a1717305d53f18999ab3629b1f2e5be9

    SHA512

    278dad91d92ce95dd370c5609bf4a107e7f89ca53c1139924f0dd8878e6f85025d10a356c46cbe085372221853b981b47007aa7c15eef7609a65fe7edb14b147

    Download Submit