Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

dean.mekon...=.html

windows7-x64

1

dean.mekon...=.html

windows10-2004-x64

1

Analysis

  • max time kernel
    101s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    16/06/2023, 04:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dean.mekonnen =?UTF-8?B?Vm91Y2hlcg==?=.html

  • Size

    2KB

  • MD5

    5a262d7fa0617f668a46d1a2a9235149

  • SHA1

    a918289e046ed85b25cfcc5d417decf849e9a2a7

  • SHA256

    a5d82f73ea4100f3b9879c558220e4fcf470b44854b43535ba68afc2663aafbf

  • SHA512

    1f042913d9813169c8755f4dc13e44680b6464ec2949681aa0b703caaf40b19cae0eef34d5122aeaca4c967f282f8a7b1bcbf07f4cc74ae1ba4e20946006c649

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\dean.mekonnen =_UTF-8_B_Vm91Y2hlcg==_=.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:592
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:592 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1008

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d7912464940324a37348ab04d529a06

    SHA1

    f29ddb81ccf00acbf347ade6dd2bb5aee04430b0

    SHA256

    6605e2eb90e3daa117241111a98f34e3baec474d8db6ae107248d9f64b9d1670

    SHA512

    00375240cc9596c79d1907eb7d346088315f32f70b78d979353e8e863321542c923dbbc4901a4482850ff57b7a75ac3eb16a4b29ef9134dc5a2a7795bf9b96b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cf98b3a5fe55aec003bfbbda45ada9d

    SHA1

    ce92fd366a1adef31b24a872975e1840e733a4dc

    SHA256

    c1f31bbbc8be1797aca289a187f45a40af18286dc2d39680d503175341660e5d

    SHA512

    3702bc2b4362eafa3cbcb9c8fefb91b726a528c2f9faa35d661b4f7de064562bfa2aae3ad454dcf48a9660c0b9a559fff35e7846fd7db8765dd85e13036a3c2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb1f7a2504c3a18c532a22a4479c8095

    SHA1

    fc3f69cd31934f4f0e57cbeded14c8cdf2f49d73

    SHA256

    10de7078bc3be05354e2c2a2dfa3aee7155f5091083d3f49b5207b57207ec256

    SHA512

    c54c806aff9be1ba8570c0127c102bfb18ae1896e6463aee7c6baa8bd7ff3f0a3bf3ae39bd3d13b058ac8519280233454f0d501f1e9d4a7ca6b092e2b9b8fd82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f2b75c37bd4bd57d3bb847fc9726d74

    SHA1

    8da89ba2825251ec853c1be668849b592fb9718e

    SHA256

    b7765bf2cb02d0665f222a287181578bb9919fabaf06aa7d45bd877d396e85f0

    SHA512

    ce7f9a63fbb4ac941d9cae48cc251dce31ffd8f67cb814d2dbfd6c4be20b210b2610f1f1ba9113271370d0100cac8f3270a0f41b81a8f5b45502dec83315d76a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4de578d470bf48297ed438764f640ca7

    SHA1

    fae381de15757070f628976fe9d215edf9b7601f

    SHA256

    9933c1bcb8794de8e60ab1aba1c271e40f377292859c57242dbd8573d2fc30ef

    SHA512

    6f94ef7c65bfd4f091fa3bab63a79a97f7d8a2fd1dc419b0fab7e45213f1c40d736a5f28d04b9eb7aa87f171c4cb06b7604b25f591e0baeca0af05667aff1be4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a2130367a9e2ea2c1247110fcce311c

    SHA1

    271d20c3d5f18708f7ba2af39d19f9c0dadda96b

    SHA256

    09e29a6036cfa4c8a430b26654138fe76b575ff3684bd142ab5ef98feeef37f9

    SHA512

    468f2603c802dcf45b93eb10033cd99d4878451092aa56f3f6c41de8bfbd60e3a413d089d2c63d8d6c4290334cf4b36976de95ab80a46ce68fb016cea70ede1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9eb46c06a167f59e732ff88ee6aef2bb

    SHA1

    6607ad5eb110a7b9c3cc6f0cad74f7a58eea2f09

    SHA256

    5f0cb8c770e0e5c1eefb7c541343253e658c6ea5b1be551ce69ba62fecfd50bb

    SHA512

    0f1f771811c7ee25a090f1d438b29985d7be3ad6083a1ddd1c84e2a4f7fd2b0fc2ce3aa54d5cceb0603e41a5af391ec4b8042da229f05750cef7c6848a601480

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    656960a15070c47d105aded77d3ce31f

    SHA1

    52bcb8d40eb09abc24d24554ddcf63389ec44cd4

    SHA256

    fc0baef71579e8ab2341045fc0c711ef1bbcb208d4265876045d3287bb9445a2

    SHA512

    4a836a6cc3ac966db6c8edb0fa0f55cf74dcbc3d362fcf371ad1e211fd9b5467c50fa3a9de7f70cd2d396332331999a16cc431b33fb9908c6e79d84e72b84649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14cb4cf2e433c988ff79dc541913d754

    SHA1

    72a13c9cdd54ba386aeabf701942a762ac0faf5e

    SHA256

    d2b743b991d8128a347aaaaf443e008ee3eee830ca753332b33d766400dc1006

    SHA512

    d83474298c740d12d9e1095ee979174eff4f3695f06b2a52916b8bf5a07743ece26a44d7e8d3d9277659eb4cc53f3d6c5a4a0e3a13cac4a78f86a6b974bb651b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a75c138b416bda4b0ab255cd86b31675

    SHA1

    9432c1d28f8762ba8e417a3e85d41e08efaceba3

    SHA256

    126c8ffe497b6c120cf22792e489e7bb3d0bec52bb3a769b0c96d8922b06b416

    SHA512

    8a3c55d399794963c7781a0a893e10368dd2bd7504ad9089fbc43adb5124aebb3a52042d91bacc1fdf11794ac0c25e2d8eb54bf38c218446bdb67e8cff20d6a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62ac82c25a50699e9dccb51d0bda751a

    SHA1

    f132b250794c6ac2ae98ec81d59eb09a1a191a7a

    SHA256

    7f2018fb6e00fe0b8efbb1968b4aaf8bc5f3f47f9770ea8455c14cf624ec8f6b

    SHA512

    e9ab299894cfb7eb752bff2ca4afe1b98f0a2d0f241960ce752c4af3879285d03dbe4ef5c27beef20a1327fbdd770b3b539ce4b6aa5b227163ed2092b83b9dd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8e61ef8fdb0c867f67706692ede7421

    SHA1

    fa028ccbf48fca099fa554be7315368e9c6da9d4

    SHA256

    292a27f0f4d5eb08183bbb68bfdc45f17f3d77b9078f1d8139ad1b07052b79fb

    SHA512

    674379edd946e99d7613144562319d471f31405e6a5618316567a24a216978e1deb8457ecb29a957d81454acf2563c0d32e57a363e43561e49d486bbc3e78210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7808d29b588cc291935c8ad5da5c33ed

    SHA1

    d887aff8bc6606779b613e68f708427ce7fc9b89

    SHA256

    b0581f123d11b2f95eeecfa96cd8c3edba2d5980fd3fec419b36fd9db7e0f213

    SHA512

    ecdfe1995164a34af7e664e785bedbc164370a88773087096bb97d68acbf90a3d934a9cdb8d04a5c7055d9c6e71602b3c4a5966f79144b3b4357af86a7eaf332

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2EIRHNV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA299.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA493.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\AHW9N6SG.txt
    Filesize

    608B

    MD5

    0a60b4b8e7865c7c7002b92477d2fa35

    SHA1

    3b085d6f1df5bf9e85030d3eea79d84c1b4ad79a

    SHA256

    18df78c017d4663318a970c52aac4df7f9724684863cddae4165e9549219cff1

    SHA512

    9c9cd66efa24b07f2bd9d44511834d3b5f77d65f4e421704522c175461fb0886969da702b337530915580487e63cb111a6e41febc87945d9e50a96fb5cb8c90d

    Download Submit