Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

PayReceipt_Copy®.htm

windows7-x64

1

PayReceipt_Copy®.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    02/06/2023, 13:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PayReceipt_Copy®.htm

  • Size

    227B

  • MD5

    c571d3f14a7f7b895aa6011bd50a4f79

  • SHA1

    f65d7cdf3324e60d3079c6e3e4fa394d93265113

  • SHA256

    00cfad71f272d725a4ac9c7dcd9947f2e86fd7873b38b4a7bacc9f3c429a8b4a

  • SHA512

    f3a8f53f71587da357cd38473d9decbd4d318bf293c74fc7022dff09929d0938e078be0a4f2455386339e9e3ed5d0bf5996417064d14279622aba4f71f667d1d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PayReceipt_Copy®.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:692

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    1KB

    MD5

    e6c5fc05c5967137d3d1903f881a4399

    SHA1

    2d0f1cb6c60d7577a92d162ae3de36212e78e854

    SHA256

    cb05fe65b24b59ebb215444e87fa014f60674a03d0f9539b0f92fa3b10268c62

    SHA512

    f3a62d67c6cec8fd9e65e041981b76bb210fc2a24a477ebcb8b525ca28eb0964c52d453b5f50699ba86b6bd764dbbea9fe918bdb48085dbe931514e70712efbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    416B

    MD5

    7ee6e8c801ce27fa0a820d16641bcf36

    SHA1

    22867c205ff1a77b8235e346fc49feb01edee5ce

    SHA256

    025bed7a5d90d566b1049a9be01754a3a59ba52134f3e37cd33a5b587b6464a4

    SHA512

    e420cbb79523a10a8f71be1be8bc190c51c2226058d2ecf94cca16e6ff95ec910ea9aa2fa0af028a33a162fb9c1338e65cd9a6a548daa72ce59de5331ace7d9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    958846be9ab14e95c5e37813f239b0ca

    SHA1

    30140104050f3d4fcdfc5a7e1b8bff197f2c8dd5

    SHA256

    817b6fd116243337bf24e5f33978a86c102a04a9151b031076f4ef854d9309c0

    SHA512

    ca5e53a8dc88cbd43d689f0f8daaaf3bc9d0882fc0c9455a5e626b4f51844f1a24111bc82a0f655fb108ce65dc153fe345c6efc34244083b8aaf6851aa6505f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6c18596ac189b816946738bc61ff2a4

    SHA1

    6e1e49de4d6000765df3bf41c2a2c2ec4623ee48

    SHA256

    44874343247409090054961f48c6c3dbdcbb980557173606fe58f68d7136d154

    SHA512

    fdde427700c82b3145e4db293a99956449f326fc0b228a2185d9f7c3b6bdd0f42c66a0a45d9b1036b6ef3e9db358984a3d17ce22fa2069a4a977b61b665abbd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f86324c528917a37124ac99f3dbdc09

    SHA1

    98b8e5075230a51a800f1c9a38104e39c0e7d0e5

    SHA256

    79814d69314ae47b779e8e059fd423e18fb3a7249fd43e222ad86c7ae42f46fa

    SHA512

    39da1ec8e88c63ff1b00333e4d3e9deb05465bdcf26764ae16ea6f0313d9380615dbc41f553bc28b36f1804506c57611fb48ac2e5003f3e5483adaebe5949341

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13d5a47f4d0e68ff98d5945fd5d24759

    SHA1

    c575d249ab675a421ed3f76e37329bc816738fae

    SHA256

    77e55a83125497b21a3e5ab23302e776ceb38b8e3f3c48de47879657eb3ee161

    SHA512

    c79f01293e32f31d45035b7591e05953ffbb026fe13047a1dd13fc77c647f5a7aec09097ccc3b2a3b64a7f442c0f345768fde02f977e4111ca54ecfed7c96c4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc8b935f8d0782347f45202053bc7464

    SHA1

    e814d36d49b75278da80b3679337cc479079f3ae

    SHA256

    7c4854cf7cc14f21a3d3cac5d6bb47c479fc36bbcf6b96faf3bf9b89449364fd

    SHA512

    663f34dd89d6e56981a389212f15418b07d3ebc1759161a8f5b8f0d62628e249c200e321ec253ff16b3d3f5cfc2bef7a71e3ce8b87868198c1fd14658fcd98f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce77e72782bca3fde12e8a36a61922d2

    SHA1

    dbfa0f0e00371cd036b5d0ae36870a74e29b8026

    SHA256

    f2de8707f88bac64f412e1536e1426bda8c252165f2e12bf5b38189b3692219c

    SHA512

    33f0321a8ee6fe35628058ccbbb8eb97719a5ced1d182172087821756a8e3f850e9e627fdfae6a542b32ea375546062e191696d7262679d9fec4fe0699153ebb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f23ea5da9bd22d99664b54158c84ba81

    SHA1

    e7679c9228c652971a0ff362f4fcf02a761befce

    SHA256

    850db41a536da215ea02702eadf86ac397228dd1504303141881111c6b3a0ba9

    SHA512

    5a94918d6a3008f0c178c39ca52312be2754416f94f13cae4ab8abf33c8f864b0ce4f232bb238da19c1715f1352d7de5f832cbebc180eab3d5a9664a6a859663

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    633068e18847d2a25b125b329239bac4

    SHA1

    daf865b054c67491a451fec6c374ad314e3fc7bd

    SHA256

    3ca6984eecfdda9bba0bdd5853e84c16e39484805dc450ffdcd105d8a8a4d023

    SHA512

    9aba3361ee35058072834393d9dbc720c7fc9ff4448367c946486aa533e555b3c66244fcde073d4873f3d1273ddbd91e2446c4e9603100cdbbb10050ec43a65f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8f6a9cb2434db3d6a410ed815665150

    SHA1

    248faa4b18424cadeae212a86fceae95f65a10d4

    SHA256

    163b64b9bca535ca192f454aeed2d3c1e945ac0730fc4ff26545f224b85a1c1f

    SHA512

    a2147b17bd2066cda93ff8f2cfd07f20c545a9c5c6543aeb5731abf3339df3f59fd4d78edda0a8576583d2988eb45852b03767ce7b5928388e9c9d09d75fe189

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\NLEQAH6G.htm
    Filesize

    98KB

    MD5

    9baba33c53da15132af66348760cff2d

    SHA1

    fd7e1a51d06543130fca2df27e85cf7e689db8e7

    SHA256

    af7f98c89d5c098eb5e6a009adbdb6b54c8b328bb2e1d639f8a0bdf5291a4523

    SHA512

    20f591b01ffa7bf2c303ea165f8308423e8ad7e8d4fc66d9c2f6efd57f80d0bab53c6d54a433dc7e8339b299d8d44f8eb4d1be57773133e70dcf2c7b188c9653

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMXH1C0L\hcaptcha[1].js
    Filesize

    307KB

    MD5

    4e27e423abe7941bd4cc8ca52bbbdcce

    SHA1

    9eece7f7e3a20cb2511030f253586ae96286a49d

    SHA256

    01507fc59cda34e995615c5384e14abc964d1da5a978c5c6b02071eadd2b1b9e

    SHA512

    b9c502ddd5ebbee26d9047ea6e0b231d0a6e8d1745be2babd7359afaf6412ae05b71b57181cf20085a99743564693e020513841661ac4fe00f00d648592a3aa5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab261A.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2920.tmp
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar28B0.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JVZNWGBF.txt
    Filesize

    599B

    MD5

    512fe8748c072a76a409f5b7e91c0be9

    SHA1

    41f468effa51103f748219f575105593b9697f5c

    SHA256

    1ead83791f4ee62f3a3cccd2eb658966df9daead3f817f9b838275c1063cadb3

    SHA512

    6ba5b60c8a1052270efc8c90ee2ec73b9cc843df09273d544b0354909df3946126e56c61c9b870eb5736420584647c2e17e6a5a710c13dd74ee23f4dcaa25f97

    Download Submit