
Resubmissions

  • 03/06/2023, 18:42: 230603-xckv5aab2w (1)
  • 03/06/2023, 18:35: 230603-w8kpkahf42 (1)

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags
    arch:x64, arch:x86, image:win10-20230220-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    03/06/2023, 18:35

General

  • Target

    http://download2437.mediafire.com/wu6ovtgoiwsgIPB2oUNIvGZAJcr1vloq9KxY0bO7twQXdiTs5mQzOpdC_O8SGImwzoNLMPAlLyH6ZB1oLC78McqDt4HDlFDftfC_ObH1OcyqHncHdWUPE88clWvz-LB4nntCKLiyQYifF_3yr_QORC23rozgsiHg9L-8pWy1tzcyI7He/l11bgmzcsbkkzt8/Microsoft+Office+2019++Espa%C3%B1ol+-Ingles.rar

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer Phishing Filter (1 TTP, 2 IoCs)
  • Modifies Internet Explorer settings (1 TTP, 49 IoCs)
  • Suspicious use of FindShellTrayWindow (2 IoCs)
  • Suspicious use of SetWindowsHookEx (4 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 4100)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" http://download2437.mediafire.com/wu6ovtgoiwsgIPB2oUNIvGZAJcr1vloq9KxY0bO7twQXdiTs5mQzOpdC_O8SGImwzoNLMPAlLyH6ZB1oLC78McqDt4HDlFDftfC_ObH1OcyqHncHdWUPE88clWvz-LB4nntCKLiyQYifF_3yr_QORC23rozgsiHg9L-8pWy1tzcyI7He/l11bgmzcsbkkzt8/Microsoft+Office+2019++Espa%C3%B1ol+-Ingles.rar
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 4500)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4100 CREDAT:82945 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 91e4d7712b64a4110e170c0540645479
    SHA1: 67f793d3f426625f72acf703efefc44cc705960e
    SHA256: 19029a05befcf52a40f31e88d9d073fbaa1b6cceaec050e11bab22f307f0923c
    SHA512: cbf529565dda78743c48e0b4b39f71ca7679cce651afc54d28a2b0284ccdb1e4ffb6b10bfa25d8bf19da71546b48bdd5e6c2ca04e9d83c7f0afdb4c49d1e030f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 404B
    MD5: bebf60c9b45adcb62f3d59f0a6e3df6f
    SHA1: 57bf1e747a48def0c084e5db8fce6f4acbf36427
    SHA256: 9162e31f7a6a2953c802cee222d12fbc4ed7ee1e65809db3513c785328a903ad
    SHA512: ea409fdc38f12af24222b896c2437b6eab2af8caf5641350f15a4cc5088bc2013acf6d25b6851aecfb8f8051b7f0ecf12d3b4d433a0651e63b5c8b3c80700fda

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6FGHNCOX\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\48LRYDRA.cookie
    Filesize: 615B
    MD5: 846c0177d55c42b5f9f8225af7b95751
    SHA1: 01803db50f989cc6a0fca7538d1f7be0aeb18be6
    SHA256: 38f57280f0d069726cc5c1c3b29cefbebabbe198e7d4d102dd0c580098af7b7c
    SHA512: f9e0bd379a7d026e20a11bb8126427c27cab360aaf3cd3305a4715af0ab0f7c9d46602ac39d420b148036c79a83b9a884b9bb367fdde600e717bd41bec34e80f