Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

URLScan

urlscan

1

http://url.zip

windows7-x64

6

http://url.zip

windows10-2004-x64

1

http://url.zip

macos-10.15-amd64

1

http://url.zip

ubuntu-18.04-amd64

Analysis

  • max time kernel
    1607s
  • max time network
    1729s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    08/06/2023, 09:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://url.zip

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Modifies registry class 8 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://url.zip
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:688
  • C:\Program Files\Microsoft Games\solitaire\solitaire.exe
    "C:\Program Files\Microsoft Games\solitaire\solitaire.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1300
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x2f4
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1932

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf801262eeb4ab5ffbdb6f8abd325825

    SHA1

    bf75ce5cfc70de239a2aade1dde7f26de93e2748

    SHA256

    ecbcc87de736b82c643d4f79077029a1e1a867b46ffd07a3be6e38de2293c455

    SHA512

    45f545320cd53b603fef646629c21d8c88e65c38ea81e8b8cf91c2e063b03c2ebb7f102f7c64b6642a4f54bfee3567af2be9c23acafe2126665e1f3d09345742

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d52b068d2ddffc9b4b15fd963542a5a

    SHA1

    97ce1f2ed3b1f5ba08814e8791a1ed7da75d7c79

    SHA256

    a0b1541ba8efce30af30529d18f8a751b79d8606c9bb2c636e18f8d789794857

    SHA512

    1932020f46af3ae65b3bd547a3c45f6af58b4ab1e56e0f36b608f9acb2afcb6e4826ee951b6a275d04b184293aa02e5d329093d884b6719fe5aaf8419970ae8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40a0410f2ee17af0f9901ee9fdeffaa9

    SHA1

    923b2d0fcc337b26e6619e7597de55587da032fa

    SHA256

    9b5b4fa04496f0e5ff0472b25866748e89bf918253c7dc81e750afedb2c4cbe0

    SHA512

    fc8fc3cbcf0db9d5c267f3a22402a1ffd54b42d08f80ac9ffc7fabc251924541822a3c4e1502db0b70177e454344fa1384b9904dc76e5d975597e8cba5f8677f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f0e1c5943baea80bd6a583d40355dee

    SHA1

    1839320447ce2f0e9c68cd71105bbfd093400ca1

    SHA256

    0f1afc93057564374176db194b72776a6c0a9ef3e1c807e461ee8581c90fb26f

    SHA512

    76801b18f2b0cdaab29e4bd5c29d821d893900ac3e939704c430036a8d84d95c6b9985514527d465857cc8bd05ddfc78653c6bbb2e3c15c4cd1fe3f6d4207820

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fea481f1c9a509986cfd7982e231874

    SHA1

    1bd8b7362cc9117687973120edaf87b97403d5a2

    SHA256

    0ce3f630450663c0582619d6cd24569c4c1189633c5f8c1c19f33c691bc3acea

    SHA512

    b21d9943f1d5c1764b70be3e6844609beb12441fb168f65dab0658b68036442c37d9a411deb6974438418040604ffaf0b22030273cf0119f7332f66f30074fed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5954e349ef0899e2502a08c2f1a802a5

    SHA1

    c18e6b2e4e2847c05d7c68e9361565ec95bdcc43

    SHA256

    9b4b3b1f9425ba152b07424093615539498264ad1a701f8f0cd2a0c0cfa88669

    SHA512

    2a89b03b4855d2c2bb3f21fd234356877d4c4c14113bdc37334dd9908ea0aead209ca0071cd5ac038a3d25422965093a0ca2f4bc4d7bf113c88f36308eb5fb28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    379c4ae32d5edd2624f9deff699838b7

    SHA1

    19a7087e3d4a22b685bf6a1853dd7772d664eaed

    SHA256

    2607703e53519382d6296ee669e9f1a8e07aa6b09b22de1c05de0192a8d9e352

    SHA512

    f4abe26226f8e4e3dc2a31228acf59a92c8ca0e2ba3c36a5b03a5b58a7f5be20fd8b4b9704d2ec2a53845f2f1bb66d243db88671e1892ea78d02ed2a96c3d44c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf814415634c264fdeb15f5280ec4796

    SHA1

    5a2d9b5f80cde8bd2a4a4c708ed0df76d1213b09

    SHA256

    5bf3eb31d63bb9a7e6117a584c68063047f564273c97ac0d188768804be4b8d6

    SHA512

    8dce6af5948085a26954ccddf2266306daad9f09326560883382921beebe28b84d836e277216237f2b7d0b4fa39a4c58c7cebb64a8d41b98b4e10f0763339d73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecdec3d80a0767bf605a63cca94e739c

    SHA1

    f0df03d75c1948c4948605b7ae546e5b0f2e90c0

    SHA256

    02dd9de3599d198782cded3f7ed7a3985d017c8173dbae83732651570dcab96c

    SHA512

    8fb4d0d9df7815b2dd98b31d724c5b4dd06b041611ccf4a4b511a3bf61247c271e0b069c0837f98d6ce045777ef357bce7f6d3895a5fdcc579009a80c750caf4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5CC3.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5E61.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DFE02756C3F03C6974.TMP
    Filesize

    16KB

    MD5

    7eb3dd5ff446b4053771160c223b29e7

    SHA1

    31fc736877e9079beb68eaaf9777b7797bdaf680

    SHA256

    7e7f7f17980c43307f82aaa822cd933201788181d4b0197c09f12da73ca87cb4

    SHA512

    a9b0da5f12739129fa24c977250f64149f245f5228459b3d6e5d41873e8a55ee9d8eeadcb8c107d5df6dcff1f637610136f8d4c2265d890107c71626b235f12b

    Download Submit

  • memory/1300-560-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-559-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-558-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-557-0x0000000001C60000-0x0000000001C61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1300-561-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-566-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-565-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-564-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-563-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-562-0x0000000001CA0000-0x0000000001CAA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-576-0x0000000001EC0000-0x0000000001ECA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-575-0x0000000001EC0000-0x0000000001ECA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-577-0x0000000001EC0000-0x0000000001ECA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1300-578-0x0000000001EC0000-0x0000000001ECA000-memory.dmp

    Filesize

    40KB

    Download