Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

URLScan

urlscan

http://www.icloud.co...

windows10-2004-x64

3

Analysis

  • max time kernel
    70s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/06/2023, 12:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://www.icloud.com/calendar/eventreply/

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.icloud.com/calendar/eventreply/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2796 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2796 CREDAT:17412 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3984
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 476 -p 4180 -ip 4180
    1⤵
      PID:5056
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 4180 -s 1764
      1⤵
      • Program crash
      PID:3804

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2A7611428D62805A3E4E5BC4103D82E4_93980168F338F037DAF9798B595DCB15
      Filesize

      471B

      MD5

      8ca343177f16bd519392afb8228fc60c

      SHA1

      f909ef9dc951a54e51c8384c3ff091bd67ce67b0

      SHA256

      6e52962d750bd26300a7d1003c66c0fe7f1b175ef380c370cfba4a52939c83c1

      SHA512

      e145c0cc65e8cf80f5c0ca3912ea603d4c3a8f7e96f0b6eb2f1e7a6b1b2079a907f1b70ab2cc4c1c4c662e2e82a59ee81150847f204ea90732eb5ef30f422185

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      471B

      MD5

      82b6e24e9d7fe90d647b5b81389401b3

      SHA1

      51f3af35027bc77cf6912e6dd3d6cc3289c19c55

      SHA256

      3483fda8fbc0fa1d77780c1c46e372c3bc834a45b19d149d0dbc8c2fba26322d

      SHA512

      3454b31c7111bdc0cf6ec133ef1dd6755abf0b006f77341b904fbb8ad25a81b548accc510f1590c2a3955f5bf86f8b023404e1acb9d2b028bb29067848936f7d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2A7611428D62805A3E4E5BC4103D82E4_93980168F338F037DAF9798B595DCB15
      Filesize

      400B

      MD5

      a29361d1e87d8af7623276a4c2fe6615

      SHA1

      b8d87883688b9ee4ba45e82d87848fbd61ed068e

      SHA256

      1760938bda8764f0a55bc35be36c65d0bf67c8076e0fdffa5329c9b47439659e

      SHA512

      bf1da33bbe391441462e0a63906f8ba874791e672a2e6ff327082c045a2eaec80b9480f56c2b7cb06047547e343db81417178a049ce58bbb6d76c69d4d4738e5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      404B

      MD5

      99d8ebcb4d3b63065b039dd13edd63a5

      SHA1

      05b58a5e094cd899ba1bb6ce911d961259a3e5fd

      SHA256

      5a5502fb85c678844c5cdaef03bcc71b923a1ecbcaa949788f7de5ea31765a67

      SHA512

      77ecf70060036d52764ccfd1fa493dfeec4d4e5b911b435470ddf95422e684870336034d4ed5444a145f4e091122b48ed76c1d6ad3df5fbd92ca87c731a1d978

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
      Filesize

      22KB

      MD5

      1bd7d37fe443e40c72d772f0d51a5b47

      SHA1

      7da1eac4747248dcde2c74b21320e3eae7f7fac4

      SHA256

      3b4b699415f6a34915cc243e8700b24d38e3710786ebb4459719a174979018d0

      SHA512

      3bade076b150bd0d3c0a8329004c024d23f24aee2d12e24fb19baf55cc06907d4458e5cab2e1a4c82d305b69baf99838bc463a96dec64cdeafb0dff75ed26e62

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
      Filesize

      44KB

      MD5

      19ed21b0234a5d68a6e942b15e188640

      SHA1

      94388f559f64125c6402889f9544b7631b88d42d

      SHA256

      dc3f7b51f2377282263634ec888ae4e5cf45bb5aeade14ce6fcbfa837d5818ca

      SHA512

      97643958b7f2ad0a58254747cc9cdb8c76a5e1e1e14ba4ffa2aa47d0e2d25cfead1dae68b852d0dcb7d73227f242de17838194d631308bad1228f8ec84782c10

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9afmek3\imagestore.dat
      Filesize

      44KB

      MD5

      19ed21b0234a5d68a6e942b15e188640

      SHA1

      94388f559f64125c6402889f9544b7631b88d42d

      SHA256

      dc3f7b51f2377282263634ec888ae4e5cf45bb5aeade14ce6fcbfa837d5818ca

      SHA512

      97643958b7f2ad0a58254747cc9cdb8c76a5e1e1e14ba4ffa2aa47d0e2d25cfead1dae68b852d0dcb7d73227f242de17838194d631308bad1228f8ec84782c10

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\favicon[1].ico
      Filesize

      21KB

      MD5

      310fd67d702063937e39c17b2060067f

      SHA1

      503b0c1cd35674b8e58b6b35431f381f1417a1a5

      SHA256

      2ee7ca9b189df54d7ccdd064d75d0143a8229bae9bdb69f37105e59f433c0a8b

      SHA512

      d523f0caa326b7842cb2a0d13d95e2d4cf432fc7a6b12fa503b7175aa188a848c9aff631685bfa2d2d3609b7fcc6ab398fd9cc95ecae436ffa9ea2d55550e616

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\javascript-packed[1].js
      Filesize

      933KB

      MD5

      b1f91c4f1755288b4b6e64f3c225779d

      SHA1

      8d10bf430becc51a74804a0a0c7d3f0a8a143924

      SHA256

      83779b60494e90a59186b1917ad5aa668b89b13c34bb8497a1075a98611b4feb

      SHA512

      01eedcb30d08ed77b8aa480525f38b154724af8a2706157468f28fcfa17e92c70e6af87788132c56532d18d293a12a9f81b860d39b253af16c85ff3a481754bb

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0P80TOLA\overview.built[1].css
      Filesize

      417KB

      MD5

      f4526364900ac34475c9c7cb6c1de5d8

      SHA1

      eed11fa4ffe67211c4a6eb1d9f6d822d1f33bb18

      SHA256

      8e97d734992d1081014f248a28fa40ad7639df4c6e7d934dd5c50921e3c85b95

      SHA512

      df53d5b9d9df08380c0e8d5ce9f1bacd6880ac53ba2e6b04fea113e20be98e2d9b125c2c981b3a9d0a0abeedbe9d058cb9ac925993154a82ddd3372940df4fff

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9YACFB9R\stylesheet-packed[1].css
      Filesize

      61KB

      MD5

      ed51937ccbdb6d696cfa6801ae0fddee

      SHA1

      7f50447b103558b41a0783b9314fb37e1bab5712

      SHA256

      837aa5e47ae40dbb471dbb56d9d3c817ce8ffbddb1aae20f3343c573febcabe1

      SHA512

      62a6f5b12e90ff22fab0829c394b222429698e492299d81074608c4fda6ff7c64ff9d776892621d318aa765ae33e70965261d1d7acb43308262d1d7059c0f48b

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DKFP9JBL\appleicons_text[1].woff
      Filesize

      1KB

      MD5

      dbfb39700c2ae4be64e11f56f67b8800

      SHA1

      594a44bafbe3c796dcd000c8a8a6ebbdea553f6b

      SHA256

      b36e10199ae62e788fab5e154b2694409745e146f026219436b71d5bca185c69

      SHA512

      b22ae2a3127c972cd9249af89759c14b8d36e76a41b1d556be896e51f8c16deb22cc612ab02f92c200842269cbb2ee90f78ebdfe683a67adcf793c5bd7ca4a74

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\favicon[1].ico
      Filesize

      21KB

      MD5

      38cfdb248210ffd12a6e774119609de8

      SHA1

      d10a44e5d06c8a95e4c61ae770cc8f0c8d372253

      SHA256

      5493c61cf725cf3a1d63cd9d07de75b0d6faa5564e772f7d0a6074f341442938

      SHA512

      7d0ae6125e5c10d52847ac10e5200f2aaa84932ea5d10af54440c0abc27af19285cb760f0e8dad0bac4371e4b384ffaddcf235f9f1ba29e6dc41ef29deac4fba

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\favicon[1].ico
      Filesize

      21KB

      MD5

      38cfdb248210ffd12a6e774119609de8

      SHA1

      d10a44e5d06c8a95e4c61ae770cc8f0c8d372253

      SHA256

      5493c61cf725cf3a1d63cd9d07de75b0d6faa5564e772f7d0a6074f341442938

      SHA512

      7d0ae6125e5c10d52847ac10e5200f2aaa84932ea5d10af54440c0abc27af19285cb760f0e8dad0bac4371e4b384ffaddcf235f9f1ba29e6dc41ef29deac4fba

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit