Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

MGrqcgi94.html

windows7-x64

1

MGrqcgi94.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    14/06/2023, 07:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MGrqcgi94.html

  • Size

    560B

  • MD5

    fea559e764eba61012bb39f08269de10

  • SHA1

    76585f8db078b2743d0fc37f4adbc99bf4586b39

  • SHA256

    98d2fbd02fc09e87285450f23cf573dbf4faa9fcc4fdd5f91becba8d48f91d40

  • SHA512

    7b35f6f8a0822300d9fea221d4c95e103deab4fd114f33f11d0d012c6c5002264551b16d31319618841085977302f54af76ca4469d78e5f3382087ffabe19f7c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MGrqcgi94.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1124

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e87d90b203b5927bbd223ca62f71e5e7

    SHA1

    417e887d1c6a7e7b8affd5865c3664a3c4772b5a

    SHA256

    c327d7c3e130381d290e1af3062f14ebc39f4251e5635ab4929eb2b29f58d3a7

    SHA512

    431d72bcd7b016eb9e5a78607e78d2590cb6bf111078df6b077f871c1908c7667c75a6e4d93dab473922a3b3f94394a29da4b86ad9d45171943d24c612b84f18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e6671a0b3c8203113a2298df8fcffe7

    SHA1

    9731c5a3f51e04633450eaa9a861350bb9423a4b

    SHA256

    c2f6bc7c6f01942745e9fa6dc002aab82dbc84e4871295f48f4d610b90c21974

    SHA512

    cf1bfa6bdb5b0d1eb68974284d538ccc0b669fb0aad770c7327c872f44e32ab26b8c78d69b3ac4139eb3e5898801b9417e33146b2d55794647358eba7c1c7670

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14db9790465b44ee206f946e8525adae

    SHA1

    330024b33066b1d3b15fb855041f2daf349cd163

    SHA256

    b78cc4cfec48032503e5dcb72cdd8c9ea375af7041c3e391f57d31c9737a8873

    SHA512

    107bde3e18220936507ea8413d3cac5eca4e3396efa3521a0529d502d081e4cc74b72c474aaba99157f25e4b8cdcb689e9e8797467f38d615ac06bcc56c0e9d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55845a727dd7f12fcefe1b5316100dfd

    SHA1

    09e15ccdc0936b0cae0688488c005648db2e534f

    SHA256

    e883b14f2d9a97cff6f8503eec05976c6a00c280a907a8a19f67bf6303ca17f0

    SHA512

    937ad57bff07962d925e7216a0d157ac9f7afcfd3d6e2b86287b039f8072b9b4cfffabb6303ed58a05a91ce0e9c4d3400d8d3c5519431ddb1ff3d42d2d6c91eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a89966d24e347eca8282a94313eceefc

    SHA1

    23f1ac04a52d93256c039ef1b147a2f0768ee493

    SHA256

    ba9a236d15df6af05cc18c66dee0247e4b0c4ba58fe84e8373c5f682b81effa7

    SHA512

    b927709b0656da09e2073c66942b100a0c7f79c56d7ee6a64bd014efd874fd3b2a95d1b64e61864b79e531191359d6dbe4e4fd2928658ea3c9b147a6d3b5f74f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4482.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar46DB.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0EB1CE3Y.txt
    Filesize

    606B

    MD5

    e199195360bb52c4d14b89e7e741b1e1

    SHA1

    f4553ca57d779273db09341f5fbe2c619d5bb17c

    SHA256

    748821bd23d77bbfcb4d9183dc9d829af830ecee2fd81431be6db4b5e2bb194e

    SHA512

    30f574b78c8ddc2a76668331c7b081985e381d86fe30a582fd5982814be360c174bab9125a6791699cf29f30de91c3bb38bb1f4e874e1dcac35a16e6a011e51e

    Download Submit