Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

XCIPTV5.apk

android-9-x86

5

XCIPTV5.apk

android-11-x64

1

nopie_open...64-v8a

ubuntu-18.04-amd64

nopie_open...64-v8a

debian-9-armhf

nopie_open...64-v8a

debian-9-mips

nopie_open...64-v8a

debian-9-mipsel

nopie_open...bi-v7a

debian-9-armhf

nopie_openvpn.x86

ubuntu-18.04-amd64

nopie_openvpn.x86_64

ubuntu-18.04-amd64

opensource...e.html

windows7-x64

1

opensource...e.html

windows10-2004-x64

1

pie_openvpn.arm64-v8a

ubuntu-18.04-amd64

pie_openvpn.arm64-v8a

debian-9-armhf

pie_openvpn.arm64-v8a

debian-9-mips

pie_openvpn.arm64-v8a

debian-9-mipsel

pie_openvp...bi-v7a

debian-9-armhf

pie_openvpn.x86

ubuntu-18.04-amd64

pie_openvpn.x86_64

ubuntu-18.04-amd64

Resubmissions

04/06/2023, 10:57

230604-m2nyzace5y 7

04/06/2023, 10:52

230604-mye7nabh78 7

Analysis

  • max time kernel
    391s
  • max time network
    394s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    04/06/2023, 10:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    opensourcelicense.html

  • Size

    58KB

  • MD5

    931a4494e5c771e0cc1a0c45f14184d4

  • SHA1

    39035ea604a97b42b05579fe63ca5c74a282c2d2

  • SHA256

    86452afa94b065223a17749621baf3ae62f27cadb5ac62bff7713be6f40a0fda

  • SHA512

    3b684c21df219b2f3538dffd606e7c8829eabd14512fab72051a126d8eb950dfccf9936f116fac88bfabdfdd1e8ca5b219c9c80d98ec95f2e7d14ed62a7b9d33

  • SSDEEP

    1536:O8HE5N7PhcmCGUZjTXOrfeI4oQaO1iVyGBpXEuTc23aWQNmYyLrDh:OmqN7amC3jSR3QaO4jBmx4YyLrF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\opensourcelicense.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1088

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95c20ba57bee50869e86499df877a125

    SHA1

    bf20a7a178b24313cf727ff6176b15f649acb71e

    SHA256

    436c1421b9f47aab845ec425015f426f6ea58f28422a68d61c7eaa56f7f0e69b

    SHA512

    9e5fd8cd3907f27e3c67d9e4a3dc45b18354fe0b9ebc4761b6084447fc9fb6a66a240b6716bed83498fdd196634948770cba92077ca84dba1da86ab3b4e92ee4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a98eb88a5cfddb589ede67a6c0cabb7

    SHA1

    610ccbf0251e56b3098baa5704db86022cce6348

    SHA256

    17b35d180462fda46766185e02da0a18b5958076479f2285b564cf89883d989e

    SHA512

    bd9024e57dcd44feee24b2c884ffdfc4aa839611f2880823f439014aa524cbd003b8424ea11bd1487bfeb1fc996af77954edd4e8f2e1ffd6ea0f55b2c055f839

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36d9db0b2e3aa124ebbaad51f7f4b523

    SHA1

    fb8956ea52957aa6a111c551458a5194e034bcfa

    SHA256

    ca2d3340b4432e1c2d65aff406d7a155e843d9dd351126a13cc3007a28064e9f

    SHA512

    a8d092dd811752ddcaa352934d9958cac66407396ebb8bc01725a39eef66d8b1b7173c5fa9e7228f038354333928af760a802ed5b94241436ac00962fd4b155d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c27fe446a4b3090215d1a2bb8ad564a3

    SHA1

    a4ed1d4c8d9542d318e7e6edd30395d6dfe4f9d4

    SHA256

    461e2b5dd52d1dedfd2ce1689be5b92b78203113bdedc5d69d13a3ff3adeb863

    SHA512

    a4faa0d4d98aaac2ac05c9e4ce18aebe6b44f3e394f97cb33260c19924fc605f7a4236754ed225ef01bb1c034369892925a0237d0cfba1a9f858ed0c2b0dfd4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5604d8a1b59c534aef97a93b0a579f52

    SHA1

    ef8fc8e2073a8bec3e2c6ec87f00c65eb20503a6

    SHA256

    7a5d5640535be04102b89fc85562a02d89cd3c96c5bb2ec3e45f69932a9703f3

    SHA512

    db4334bbb881aa863d133162c85ef636be3efda9ca1a9fc897fb8f9c0977b783df2fe93acfdf5b19580a54f452ef24585c47cb1ea1fdc4f2a98cb42f8ca37403

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcb4401876b958a43bf1acd4055cefa1

    SHA1

    28ab9913808db32ffa0cd62c93462c7d5416ae1f

    SHA256

    3d94cc80d8c6079865c2fc50b2bd89338d16cfa479118d2f9a8baa9078c6e165

    SHA512

    70521ad7b47144fe095791ed61e482b5489835b95c932f11606bed0e9b91b94afedc5a3daf61dd54c5a7e72a80b1eed904b6cef7a1494f796722f691cb515b2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18175cb5a5a229bdecb73b7dcf90e65b

    SHA1

    0713375d94f266de51b793ff158413dd722aed0b

    SHA256

    70c2ba95fb8f42406555dfd1fa239ffff99b54d9265d1fe68fa25626a44c1452

    SHA512

    cdc99316df7be333cd6b026d0ace6bc47a8cbc0ae4d3e4e756ba84752aa66f92114503dc2cd7f69f06b25e4a475a69f8530dfed063ecf7c7440534a16c74b4fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cf519ca7c4dbc5b59240394fe66bd1c

    SHA1

    66b9d33b01d6eb9606fa4dc64600c9efb125ba5c

    SHA256

    f417ad97510aa2f99501cf8f97cd8b53d6d23ccdde620ea405d1cdc7a559c387

    SHA512

    d5d4b80e5f881e22b93afb6d661b70e4e78834f1abc6ad5f181bbf0d0068459e4690aa345ac5b78f42d6a639e7dbf903fd6091836805fc8b7819932f4658b91b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eec39fc4f84ddc77bdec91ad8b7b881f

    SHA1

    0c24ae65e49ae2698c98bb52bb36ac208954fb15

    SHA256

    b1d626d27404b32e760525cd1abbc9ac5ecef4f998b14150619b45e242f34a56

    SHA512

    c99c308e467d3298a62413cfa358585f168fa9e036a42a6756c64bef3fa708cd06542de5e79d6c9666ed3817cc55b2254ab74fc00b82da37d6c5d4345d0df77f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab45D9.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4813.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\3P5F9MIP.txt
    Filesize

    606B

    MD5

    ee726dfabf46c574e6dd2d32e5dab2a5

    SHA1

    a177eaaa855f86a361f9160db003e9aad55506c8

    SHA256

    565fb4219f85ae87b90e1ddaa907e8a25210cf1b0ee129208f1f0b55630c36de

    SHA512

    9aa17c0c54b553ab6b045a03dfa1510ce4866a8ce864df4b174b07b1cef906b9ce2b4a7b17febfd280cbe130aee3463b9508507147747343df8a47d98cd5e1c8

    Download Submit