Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

ExtPack-license.html

windows7-x64

1

ExtPack-license.html

windows10-2004-x64

1

ExtPack-license.rtf

windows7-x64

4

ExtPack-license.rtf

windows10-2004-x64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd...eR0.r0

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

linux.amd6...cam.so

ubuntu-18.04-amd64

1

linux.amd6...eR0.r0

ubuntu-18.04-amd64

1

linux.amd6...eR3.so

ubuntu-18.04-amd64

1

linux.amd6...pto.so

ubuntu-18.04-amd64

1

linux.amd6...ain.so

ubuntu-18.04-amd64

1

linux.amd6...nVM.so

ubuntu-18.04-amd64

1

linux.amd6...rR3.so

ubuntu-18.04-amd64

1

linux.amd6...mR3.so

ubuntu-18.04-amd64

1

linux.amd6...RDP.so

ubuntu-18.04-amd64

1

linux.amd6...ypt.so

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    97s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    24/05/2023, 04:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ExtPack-license.html

  • Size

    10KB

  • MD5

    4149e9adef477e3b62e206a54c249d0d

  • SHA1

    06ce0ad3644862f750baefd3dea770256ac4f7e2

  • SHA256

    72dd5d07c8a131dc9b45f88f2dae02817672d442a60dd43f37975f328b252b6b

  • SHA512

    1a483e5d557745903d3f566e60e6b75cffa7000b27f5418394065ddb58c3c3818c11b914d5cb4299c9a9f0f1293b343bdd3f7d39d8deb2e2be6855114de3bae4

  • SSDEEP

    192:3hgayH8KgyNxJI3XThbH+cDlprVjcgd3404ErXC6xoe0yDGpRpP7ixYU:3Cas8KgtHTbprVj40rk0DGBGH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ExtPack-license.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:576

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1d06d081a753cec51c3d94fe7fc4ff7

    SHA1

    93cafac0a0e7433267f6f1bea170364c912127c6

    SHA256

    8a8bfa3578bdea1e912431e6503da95ebd1e2a073d4cc7c5afea844aef10e468

    SHA512

    9d83be01c001540fa7c9798077ddabd09dd6817d1dc2087a6ef8be67581be580256cde35637f22db03a68889538c2a99c18408f3862df849c5631f45111d0e4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8c73419350a9d692956fd3852e6fb26

    SHA1

    e2ecc8c6923a30233697e8c035d6fa7b6877863a

    SHA256

    f3d7b2c692773d4bedc64eb33df532d683e2d65b77e1425e457ed5cac5ce3a04

    SHA512

    83db43b14a5a0b8d80d38610454daae345c6e2ec943266f742f804858ad9eb30c7660a80319638d876a7a55f5dde5fbcdcb213bf68de4b5c8d54cdc90618489e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e6f41c5a09708b616309be7d93a6432

    SHA1

    28dc74e0a2365d4565f3d5870cdf63d331be0188

    SHA256

    d7ba426a74f6cce4ac0c63cde55ee44854cf0a241b05ad805f4905b70ba26c33

    SHA512

    594647c2b84e8c4c3c564429571b8daa0d3aaa5a509797a00255f5061aad266b94ff258b4b1c50362358df2e4c894a10cc409d80b014fa53111bbd3b801d7120

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7d637728be962b7a125cd8de1a2a506

    SHA1

    aeecb9dff405908112a1cbbc0444a45fa8531158

    SHA256

    b75999d3f8f033f866944350657056b562dfad35c5d650e39a17b2be2e38198e

    SHA512

    44b576cd175712dd8ae109374fc241b6372ab909856f8331cebd42a83d3f4b250d7e9591ed3151e316ca99dc644559843070ab9404f421cfbd5745a0d7a5770d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6faeffc2249a654136c83b840b8bdf8e

    SHA1

    fec1a31e222004d89e161a5d70271c875b5daf5c

    SHA256

    84492ef7f4a60ac82c82264c5ede19abc81fe6ad63dccf5c802000b2c223dc5a

    SHA512

    2dc2116d3c4125a0ac5446d8ee455ac8e840e63650d83a6a7340dbc2f8514f4a8f6d792b17c8dc8f564788f106030977260ba6097c4648164bec64903afac301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90a03ddceb375637e09d40241d1567d5

    SHA1

    734463338d16b714160450587798ed80392a272e

    SHA256

    e991dfbee3670219f67a7c74a19c6f1cfb9a290781a504fb6c4629f23730c985

    SHA512

    41cf16bc0baa194a2fa3ae1b6ab9d97404756704c7c4f2d8d7b42d8cf7f8ba6140bb2946e1aa46f269169fe36491e23603929c5d000d3a339bb4191ca2489e99

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4981.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4C19.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JC9OJI91.txt
    Filesize

    607B

    MD5

    df7578aa4e384f1398a9268a08547854

    SHA1

    2830a845b6ce97111fdf89fda5f698b11ad5c1a5

    SHA256

    194c1bac7bbccc15026469ae717e6eecc6e52c8f13be549e78d0b418c0203ae2

    SHA512

    2fa7e8c450316ade820e19bd73a769a74604f3737b2b5e99c58fce65553fe742d7257e4ef183d308da335d07d646bf9beec2b65d4a11f9b8c1e50f98b68cd850

    Download Submit