Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

XCIPTV5.apk

android-9-x86

5

XCIPTV5.apk

android-10-x64

5

nopie_open...64-v8a

ubuntu-18.04-amd64

nopie_open...64-v8a

debian-9-armhf

nopie_open...64-v8a

debian-9-mips

nopie_open...64-v8a

debian-9-mipsel

nopie_open...bi-v7a

debian-9-armhf

nopie_openvpn.x86

ubuntu-18.04-amd64

nopie_openvpn.x86_64

ubuntu-18.04-amd64

opensource...e.html

windows7-x64

1

opensource...e.html

windows10-2004-x64

1

pie_openvpn.arm64-v8a

ubuntu-18.04-amd64

pie_openvpn.arm64-v8a

debian-9-armhf

pie_openvpn.arm64-v8a

debian-9-mips

pie_openvpn.arm64-v8a

debian-9-mipsel

pie_openvp...bi-v7a

debian-9-armhf

pie_openvpn.x86

ubuntu-18.04-amd64

pie_openvpn.x86_64

ubuntu-18.04-amd64

Resubmissions

04/06/2023, 10:57

230604-m2nyzace5y 7

04/06/2023, 10:52

230604-mye7nabh78 7

Analysis

  • max time kernel
    100s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    04/06/2023, 10:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    opensourcelicense.html

  • Size

    58KB

  • MD5

    931a4494e5c771e0cc1a0c45f14184d4

  • SHA1

    39035ea604a97b42b05579fe63ca5c74a282c2d2

  • SHA256

    86452afa94b065223a17749621baf3ae62f27cadb5ac62bff7713be6f40a0fda

  • SHA512

    3b684c21df219b2f3538dffd606e7c8829eabd14512fab72051a126d8eb950dfccf9936f116fac88bfabdfdd1e8ca5b219c9c80d98ec95f2e7d14ed62a7b9d33

  • SSDEEP

    1536:O8HE5N7PhcmCGUZjTXOrfeI4oQaO1iVyGBpXEuTc23aWQNmYyLrDh:OmqN7amC3jSR3QaO4jBmx4YyLrF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\opensourcelicense.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1996
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1996 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:548

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21089aeb0a344e94c25b23654ba122b7

    SHA1

    c3a2f19e045c9276a03f0fdd96f73fe2f9136d36

    SHA256

    53c44a852630ea6368bb8a2a2035c7281e90decb0241b1479235dd6a1f7da8ed

    SHA512

    8eb121c2460e56b7d2ac9bc72643a7cf23119632e8a84c1d04cf050c44577ac6e0e53f71458312a1d59c3389cee8f0d9ed9b794dc36917c119a761bcfe4162f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    263f3aafc2e0d7f39b3c07debd85ab48

    SHA1

    68684775f4cdb770a8dcf1e9f5a8a8cdf48db466

    SHA256

    a36df5eab85740221ffb0cf3839ab270de366a94f4b1bfb6d77fe7bd1bc91424

    SHA512

    e79e519b7241639baa0bfb742aa5a8035a6300ed3b80d71071fc5861979884a0a7561e2da0a59a6c0cf916982b6626f8229a6365c95dc6109ae34877a1924f2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd83054651a1b6166f9a363567c8fe2f

    SHA1

    944ea1b20b56a19e1113b2a713e2da661946b24c

    SHA256

    6186a77cda7b87539b22d025ef5809ca4eb1299f8317f99230a0bc7fc2f272ee

    SHA512

    7ad5d9fe722173521e5378d0d4227831be0d7979430891632359c3a2f6f834a43641e4485a939f3fb4c71855626750cacb78ba24d42a1eaf5434ff333227f190

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ce35b622ef34f3dce589ce7d1c7da87

    SHA1

    fd13e0c01b4bbc4009854a4ae3fc0a360e22cb68

    SHA256

    363a47d7b906a696863e6a417c321b8101d06d6e7ea9649b734d7ca60c6e28d9

    SHA512

    d1fdb5f5ac62544896a28533f68d44a1f01d2b0ad701c3f2199a3be4b91245004b9975a2e9955da23bdc1e4f5476c200b70e2842560b5279aff723dafebd5943

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd68e879ed79c61ba352e4525bde02a7

    SHA1

    17b40a6b356a35de68210cbf2ae2bd70a8689c45

    SHA256

    ef2bb6689a722b3fef05a1e3fd9b8f0f4ed97cf284993350f9b73d9d0f2fee66

    SHA512

    6ee99ab2bbd9d5a06b99e8917e9a91812a506c7878c2a75a3e6f96cb8c185a66550f63c7bdd482bc6c2113cf926594a0a4e774ea97f88bd2ab1daaca956112d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73a6bd3ef383c319fe6ad124f9dc59f5

    SHA1

    0e4e1752ccb332cbc1088f7848f1a6c53bc4281c

    SHA256

    5b9c0acacc25b67bf491b3ef0497df0b4321e0052622d49ee047eaf22e1c45e9

    SHA512

    d1d2ac32343c3b56033e6105124738111f89824daac40a59f83f9459bfbdfa686e31d89c8675de682c56c5ef3f17660f96179d6689d25c916eae4cbb9852398c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21ef62696138d073ec8b4ee901a3d27a

    SHA1

    0f8c0ce9942187c6699989ea61d3dbc287585c60

    SHA256

    a6f4f23e1eca81f654d0deaf4af62998c9579fec213e6899773f98e11c8a2221

    SHA512

    8332028018f97690bc3183330dbe6245ea5a75d2d7def029da5d246c99d8b73bfae6c0222674c503e8d164046551a10e3409721e02fb4748cdb100f44aa0df4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cf210acf0142c879f8cfcb81da9774c

    SHA1

    a5c38010757d4fb8bcde57f28174779b8d06020b

    SHA256

    1f14e8ff25c12de2c14e72333cb376b6be4adc32f9306ac23c251370bea3f40d

    SHA512

    08500ebc72445863cde05b4bbb2ebf3d80926ffebb83d3cc46a703ea1364967b3dc87595dfbc452837a2c57f6e6c23f9b12a3a34e5f253e2110fc6e73c254185

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38a4df906e03e00c334e608c35167b76

    SHA1

    c3d574ebf3a70856acc222890bad18a12ceb9e4b

    SHA256

    d19ef888188b380d0c92d616777b937f6c780018e1f8cd09e6061b11e79bb3de

    SHA512

    10729a161a2f1ab4ac4a03cfbd7b4740f8eadf310ba94d353e7f92d0e7389e65a814a7b94c83677cdcb9b4d641fe920df92d107854b32fbc31b85434fe3ea21c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b9a0a9775db308622f53284cf5ec8af

    SHA1

    97632027bb8ed73d5e439b274617885c4e0b8084

    SHA256

    790cd008e228cf4aa3afdc9246bab991c1895b780a9b2bc84a3ac9645bc340e4

    SHA512

    287c912adb4e081374980f19bd365c6e7d95c2990230e38fb8a3cf4ebafacda41bda31cbe5795c33eedcb0ec14b5530ffc10c777f37e8d54d40fb533340ef1d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5F9F.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6321.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\DRGRH48K.txt
    Filesize

    600B

    MD5

    ad958eaf3c9d68c939c613d7fba966ca

    SHA1

    5a745812ee36e7422fdf96b32458b2ca1d75f991

    SHA256

    ff96b67ad2bc89dc8d2b7ebafc41fafdfab8b08ed3ee042145831a0a166ac5ff

    SHA512

    3c9f4343675d7339222a2d6b4a6238581f5ba8a6108d8de26269e36312d363847edf2f3cb4ee6eee6aade795d782f590277200813ae12b0f51cd1770c232fbbc

    Download Submit