Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

??*** vm_0...m.html

windows7-x64

1

??*** vm_0...m.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23/05/2023, 07:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ??*** vm_00237202311.htm.html

  • Size

    26KB

  • MD5

    9275c87d8ea519d02be83d426f854f4d

  • SHA1

    07a755eee91f1819c95cda0417d2b9d5d9341c51

  • SHA256

    6a22ca737fea2bd530282d8cc7f6421f1a68daa1c1147fd5e5d2617868e04548

  • SHA512

    6e90c00cc77a2a6fd7917d63e781ccc1ff0d19804f327fd5b53592e7bb2ee1669f358c0ce3e03140a612cc4d02ab840a382dacb09fa67c35202737177b31bd2f

  • SSDEEP

    768:7BvlcjpLuYAJ0Gn0eoRZqs+6UJKSgpK3szkVkl:Dcj5u2eQt/nsszkVs

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\_____ vm_00237202311.htm.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:672

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c798e1161d445cc70d62a2a59de7583

    SHA1

    9c3a66c6605963040403a6e7ee40e2e711badac3

    SHA256

    4114b491f55f669ef128f79d36e9cd2c02f3c62e04a1f2fee6ad454a1d58d8cc

    SHA512

    8937a7623d142a8d10b42578bd9caf7f74827fb282e37df70d71d4fbfd34eada09b0841982ba5e3d6fa305a41fa65ab8ffc89da5f11b4deaf8c3ab11832268be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f09cb5e0142c98815ec8ee0c0109d39

    SHA1

    8073576e1b3ebadc88bb021bbac9ba8fca89ed94

    SHA256

    6cb53b51b9184b571269294b30be483b9dbd4ee5f8df4ac65445e9e779f7f03a

    SHA512

    82f558e3df5ecaf0e4a10530993da0aa26bb5070d713b1cd4d4562cb779408c04db2c925a227c951f6796408288f91eaa0857991f6f073e909764d975dd3cc8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1142d3d26373b2398a8db48458405fa

    SHA1

    53ebffd7b2def0c699ea8381901244d1cafb6792

    SHA256

    932cf5b23f9cce82c723737f59187479f32b50a0f0d53d9b56394d2ee4d8cbce

    SHA512

    593551478d523adfd3f11666f71dd2fb7a564081e16cf300f5d1c98a11a4bff220312ba0f5ae59fb45358072475e6fb3f10445fa1aadfeeb8a7e703653232a24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c8dc81b339ac2c48483b85788b5c6fa

    SHA1

    2591685afd2d8046085d651d9792bc31ec498529

    SHA256

    0091cd3db98e6d3e82fba0ac9e421d88a613010811c9a96e387e52d745d19a43

    SHA512

    05ef0589479f587e6659d282654fc90549ea1e2800a06ddeb57e7dc96d9f33f981d4b2645378a634418d36ccd343545a60162771c4f32da86a82ecc17ab25ef7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    390a6697f7a861767bdcd8149aacb20b

    SHA1

    27333068061fd196e4cc86b2aae5de9b0c3fc057

    SHA256

    72cad607cf6d6a47fc2a342ff1826e09c21bfe042e91792ce072a18f7127c9f6

    SHA512

    cad07b134085be31f039443f049afa942805e742671d0176f198852c22dc57905c5b5598b9a0b62779c61033ffa43c7b3bc8167a5980bc94cb9ffb02a8c05dd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c65079c53c47baca746553ec7125149

    SHA1

    d5c252109f1299a1f4e629ff5605c05a57043443

    SHA256

    baf842c867d99317546ffdd4df4a0b83a111e7eb4fa450fdbe2fa69b8aa1b2a3

    SHA512

    ed2a2d540495ddab95ff4d72bda24b1707cac8645ae6312674955588fa54b9bd769338abdd0bf2ab6e56f7e19981126825b26f06ce2fb3bb06d1b4bef8dc029b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37f66dc96001a75d5456a440ae67030a

    SHA1

    c9a7c5d70108077e7a54766fe9dc5395adf70d15

    SHA256

    32302351d2ac38f2af807504dfb61ca1746007496d33ab12c700223e5bc73f65

    SHA512

    c3eb656ecc12d6b7b8d038f1722893d9a5cdc6ec5d0daea50e1e04a118fc90d674e272ae80ce81ba9fd25ca84700ea34086b8c4cbe757c317a0c82d0a60d2297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ddef1a15da978c247cabc64e052879a

    SHA1

    187fca23c4d84aa46891e6d45af682bbc1cdc381

    SHA256

    09c58fce3d4be360310c6b63508c7ec86b36de527d24a5d826e410ed21d4e330

    SHA512

    ea0084f10ad0afdc044c18fb64beb661fd0ae37fe7ae3ef03f289f7ad9e269c3992fc703faad6ba388d465baf23566d116bb82ae5eb576467a22fa49d200b5ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    42bd08ddce47142851c1ab50228911f4

    SHA1

    109a8e17cad5889ad59ce83b932b8d6bd1ca70e1

    SHA256

    4472990402c707e53bac0899388fa375bb4de6aba1b68da062f6ff09344758ca

    SHA512

    6063bea9061315475fda2bb776c713308764e749dc840a09c8f12b0a304326b22b8ebdbc38eea6e8c9b70dcf86f221f75402de483708a9d6d26e33e7de6f0a3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00fd55ed488ff5f62471126d89e2265d

    SHA1

    809c2c97af954e0b473e8e1974ecbe273ce14510

    SHA256

    e83853751cfeab2854de5db0cf2b26e2fecfc77bae6ee0f73a471d9a6d78dd2a

    SHA512

    abe1b113354bdaa90f6acf032e61a6a541a6adba1807374aee50966fb8bbae0d25f7072ce6153ac3e382a36ee1c788a893d71ad1a9eb7fb4b3f8d17a0f9c3fc6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4D33E1QE\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3B6D.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar649F.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar67A4.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\HS9YV3JT.txt
    Filesize

    601B

    MD5

    db2ce9864831c24680e9aad3619b09f1

    SHA1

    b27a90f2fbdd1788c35e15eaf6b3d252be6a7371

    SHA256

    25bcb1d4c7b1774a33096e7232a32f0cee1943d4654ffac792dc8d1a0bbf57e2

    SHA512

    f383bd5c6b1d137fe7b272682282d445fe01dc741513c19d94e3969872086498c801d13cf0c552d2dea06b5ab7f2a1f2a89bfb714a76e749cbf3d908a9d258bf

    Download Submit