Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://appcloudsyst...

windows7-x64

1

https://appcloudsyst...

windows10-1703-x64

1

https://appcloudsyst...

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21/05/2023, 18:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://appcloudsystems.com/away.php?url=I4WHKFughjLZJXzAMgO4OvxVUoxHTNAw2Gigkd1rRWdJc68%2Fn3ez2z7Zb9nuzSZAKg4c2OGil1cP%2Fe3xYLiXXA0F3UF5i7BQhqq4e9Bbf0CMCSfwBFWMrIJpVScbLn2R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://appcloudsystems.com/away.php?url=I4WHKFughjLZJXzAMgO4OvxVUoxHTNAw2Gigkd1rRWdJc68%2Fn3ez2z7Zb9nuzSZAKg4c2OGil1cP%2Fe3xYLiXXA0F3UF5i7BQhqq4e9Bbf0CMCSfwBFWMrIJpVScbLn2R
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1376 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1912

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    676a7dcc7c2b3d11c60aff4e8ce7f93b

    SHA1

    ca2953557bf4d6e8de1882984fba67f355238c34

    SHA256

    92a32599d03ac2f1a8d94393ec4b8c17d1a8cd13169aa5b18f831cbd6b0d8b59

    SHA512

    7c4c903dcca1cffaf491658474e0f389e46d715faf7e267bf4a5f1ce35536df4eafb78288c91c5d5291759acdc7ce258987cc60db1c19211e29ebe26cd3058ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6534d333063fe988ef750f5b57c37bb6

    SHA1

    322a2d50ef490d90087005f8675d62fdd7ab5800

    SHA256

    acaed9768437607d61e78f69b24daeeec9e7ea19968810cf93f941bf694af903

    SHA512

    52d00edd307f61f70e6084680c5bafd470d7e74f8771979118de5215d86f6d949b10b9ddd02d1daa145bf5a1c63cf7491cf206033c394fc1381ab992b5bffabe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a337a286f6625c4d0ef8794b23f1d3b

    SHA1

    2f02adc965c53d04731a174415c2c21a54bebf6e

    SHA256

    0745e09fe464d2b404c2ffa2dc9c3b5faeca90ec0f01579153aa54e213a37f57

    SHA512

    866f0ee70fa2520c1daed523ce69df43351b8bfd6eedbf30f5dc57ab6c918c8406d5b3925f9dc8a2230723c8ffdcdc1215aea710592eb5e0b9a81e3b91ec0b29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3137635168abbb172f649daf308623c8

    SHA1

    121b98677abc973918d551c8f13b84d46dec2a5d

    SHA256

    610ed0334a32b9086beb621944c9567e71b5441120e04e62c380ad1c0d8c94bc

    SHA512

    d1d1fc82a706599273c9bbe4c5fce9667786a626312d41122d585dd3e879a208a4566218c62c6af9edea679cc47cf6f89c520ea19e0b84d516f886272f0f021d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0129fa0a36037d516715832e8a3271d1

    SHA1

    85d786253fbb9d08596cf72b1e6a0fd64c759bc0

    SHA256

    d52c1b2e6c4d2f9400b04a6055f6eb1302312547b96f0fe37145e4ded782e9ce

    SHA512

    01f9e8864e426ce5e4f62c818e339591a88e45359701e2dc6324f0f1439a7c483999e749e2e610bbbcaaa04a69da4b503dd537c784e8d530bd744d3ac75cdde0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67e0681b1b4255ab7236bf12acee5c71

    SHA1

    8bee3942321ad940da7a49022b9a149339a1c096

    SHA256

    6b77be1cf3cf84d2248d2ae01fa2ac93464046e28107e6ebddd91ad2ea14a377

    SHA512

    f24abc1b19bdf359737251bcffcdfd56408d1f4e3cac5a5f97ac8876a92f776bc6375e19065c47193c6996cd87ee3c67573980b5f9b208aa71f27187696efb14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb7cbe472af9408b7a19f11f6779f465

    SHA1

    10d79850677c94fc3f4e382ced3eb7ee2a50b767

    SHA256

    dd67898f3f2e239af0351fc96c98704007c6b7e86d31ba4fd85d8921874f2f06

    SHA512

    7f43b105e45b35ac613714ca1b146d94c33e49cd9bc63fdb8f6caab4abb5c8421b1e904974b824f9a3d5069daacf4739007bbcb9e054c2325495501b5d48310d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c67d17bbb432ac6f10a48db2c9a80b2d

    SHA1

    6ecb2f445bc827bf2451082b237fff52ee4a6b40

    SHA256

    d97e5aaa7079e712e15c167a9da7f4b88e2f135f9bf2e54c9a38da0599671c66

    SHA512

    e81411f74cee7047e85bb42224181f44121f993117f7e8f677631a26154aec687f87ad9eb381538ad3d180f09aee4de47e6086d6419594978fc2b142ca6aee06

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D92.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\UMZE9ODM.txt
    Filesize

    608B

    MD5

    d2b5569812de09e368f40e269e8a8631

    SHA1

    07415e8a74434cc6527f6ff97b6822e28be7f168

    SHA256

    1d38d94876cb7507326716250f24b37c0cf922a91014c44bd41420dcc59fa893

    SHA512

    21d12e9a879f4999cf9866c6b8dcc407086ab710b1acc8d4130c93545996099507c64c92936b7d48040c6dc91a217c7204f165a4684ef992f1d161dffe69ec89

    Download Submit