Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows10-2004-x64

6

Resubmissions

30/06/2023, 14:27

230630-rsp7wsdd78 6

30/06/2023, 14:23

230630-rqdq3sdd65 6

Analysis

  • max time kernel
    141s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230621-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/06/2023, 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1fJB2h48Vk9b_z499X_2lLVzKbmglNhDy/view?usp=drive_web

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 60 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/file/d/1fJB2h48Vk9b_z499X_2lLVzKbmglNhDy/view?usp=drive_web
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2572
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:17412 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3436

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    91462ff17c47fbe4a4c00fd034c0dee9

    SHA1

    ed05319b498c31fcca466dba18b1895ea9ab1893

    SHA256

    44d7962c129478b55afcd24e9115fbd3d5a80d992cebe858aee61a24639d5c85

    SHA512

    07789fe2b4594f8faf20209aed200ec5a0cf262bf20d42ef74eb07eb9b7dae1f221baa465e5e84fcee2e0e024edd9d497d3ea14717b7f3816d628be36b17a199

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_B7F77CA30FDEE9C9F40235DCDC85DF26
    Filesize

    472B

    MD5

    9698e5bc67fefc4fb8143b1e83869b29

    SHA1

    aa5ee61bcda0d2a75e8608470d11ec631f110eda

    SHA256

    8ab87e68190fb1e8b7bc49035ac0fa86ceba137382366af4bf02e0752341e4d1

    SHA512

    de61e0580addbb152ce2837787ae16bdc09ec8ea1f3678deba711995a47359efa2e382a4f372defff4675c06a002a89300d647870342a7a198bc9a4a401f3328

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    4a552420c7864c4423cf99e284010d71

    SHA1

    7a5dfd0fa6ba5b586aaef6834038d09859d34fe8

    SHA256

    4e01ea6b5a9bc2b568de91f514cdcd5224ae9e2306ca49e24480602dc5fa89a2

    SHA512

    c2df898494e359068195f80e707026ee697f7ff0a419e0f79a3ebf4b64f7f98983abe73c6550c53994019c103c08b9c8e8397e322c7ed269f3a821a2b9d8f120

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    aa62f8ce77e072c8160c71b5df3099b0

    SHA1

    06b8c07db93694a3fe73a4276283fabb0e20ac38

    SHA256

    3eb4927c4d9097dc924fcde21b56d01d5d1ef61b7d22bfb6786e3b546b33e176

    SHA512

    71724e837286c5f0eb2ee4ad01ac0304d4c7597bb2d46169c342821b0da04d8597491bd27ef80e817bc77031cd29d2182ccc82ef8ea3860696875f89427c8e0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    dbd6d2c9d907a2fb87d5d54a9ac9841e

    SHA1

    1402246ddaa4c5debd2cc201e0de2cac51cff39c

    SHA256

    f644fb221605b966b158797fa96cbd385cb1bb1633cf7dc0c859ecf897327c12

    SHA512

    56b531e032bd394e852da76cced48dee6f1bb3e31e7a2481e7025f0b1edf832fe188610f7aee2757967e336a66d0d375cce62a8af75a328bcf4ce02cd48db7f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_B7F77CA30FDEE9C9F40235DCDC85DF26
    Filesize

    402B

    MD5

    fe252b73445c064a9bbba896d93f2578

    SHA1

    ab27f0b06e177b8b784938c126517a25ed190658

    SHA256

    cb6b48051bb297b3f34fadee9e12f2f60b46b662c11ace901e596e7544189c61

    SHA512

    014b1c69ae4deb36525213d7ff4e3c972e1975effbe3969c22ee7af9efecae0925fd17b5c353f20cc9c1b00b21c2b4f159debab817b2c9205dd510a789cbba85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    a4993d708ef3119d3191eeb76e67e164

    SHA1

    6cfea182399962ae8565af62ab1fa37e30d60311

    SHA256

    f64af6896648bd255ec4f5ccdccf0ce699c44102cccc5a88e7f21e1a2a631ef4

    SHA512

    c71b0d38937233561a18ac61bc43fa08456c1aa721e1179125b52e6fc14763c9a1a2c0e53a9df259cd4d080ab9c43b5bc7680f16cc09193fc3627cffdd4ac4fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    d84114b226b669665839ccf0407d7eb5

    SHA1

    6f3b517ed254eabc05fc9af08a8e25b7d1f94e8e

    SHA256

    6a3c61c09f3333ac4aa17bcd7477a7e49a29ca171ce25a73aa5b9cc6bf5068b4

    SHA512

    42c70c51086ceeb2cbdbda660d9c04c171926e62b2c133fa4f3112ab5dbf43ba7379e9627d446d671d8c620a79d57d080ad0689ba3683bf7985aea0b4dab3061

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HDWO09S\drive.google[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Pinned Sites\Looking for sex tonight in your area.website
    Filesize

    315B

    MD5

    62242d3abc55eaa47b0e09ee3bb60c2d

    SHA1

    d1eb414414f3152a883954eaf380992dc8d6c8b0

    SHA256

    292b5dbdb5e4c811f2944723c3dcbb35c86e93d39336d81acef1da2a194d19fa

    SHA512

    b9b18a8a3061a4c275297a5aaa0e78ff080e5ffdf9bc689603ad97b8eb53b829e0811f9e792ade6058e34acb32a65e4200599a4387a58c2a394ce4fa7efb3920

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\7ysgaof\imagestore.dat
    Filesize

    1021B

    MD5

    d6ace5ad995fe3bd204e67a7025af1cc

    SHA1

    896fea3644c28c586c81708b692e64131d5f7f77

    SHA256

    798bc25fff6cec274bd2ee15041a9e561a282df57eef497cd9032b6cc3a63f93

    SHA512

    49ad62f4df59f7fe77e05317448b7765729dc6dd2c9e61477af710a93691a3658b9d38676991d4ceb1a8dc9d9f27a40db84e8abd0e4eed630803bf10f76281e8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\7ysgaof\imagestore.dat
    Filesize

    6KB

    MD5

    22426e2f9352d169e52738e852232d3e

    SHA1

    5c75811412573a32be51c7ef044e6b0444f1b8e2

    SHA256

    71bc28f4a26e30ec4afcf3150328945893fba8dfd98d7ea64d5a541efa720fbf

    SHA512

    2c12a76bfec369c8a0b6a3465dd14b6e1ec583e96892b51bcc59ccdd0193bee83843fc94f0739d054761b43cb198b34dfa0ca8c13e548eac9867c3df2aa44010

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2YMNL2J1\drive_2020q4_32dp[1].png
    Filesize

    831B

    MD5

    916c9bcccf19525ad9d3cd1514008746

    SHA1

    9ccce6978d2417927b5150ffaac22f907ff27b6e

    SHA256

    358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50

    SHA512

    b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2YMNL2J1\favicon[2].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IDCMYYRW\cleardot[2].gif
    Filesize

    43B

    MD5

    fc94fb0c3ed8a8f909dbc7630a0987ff

    SHA1

    56d45f8a17f5078a20af9962c992ca4678450765

    SHA256

    2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

    SHA512

    c87bf81fd70cf6434ca3a6c05ad6e9bd3f1d96f77dddad8d45ee043b126b2cb07a5cf23b4137b9d8462cd8a9adf2b463ab6de2b38c93db72d2d511ca60e3b57e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\X8M28FTI\cb=gapi[3].js
    Filesize

    77KB

    MD5

    2171e1cbc12b7503d7beced5964ab7e3

    SHA1

    3f162ac3deafb25d1e07d34de9869b7e8dcbb591

    SHA256

    eb28922b6e8751c168653adeab48b7e2840ef98d035578e62b2b968313b0856b

    SHA512

    812c4f87a8e740aaf8451b0d3f0e41f31c66d9798d02fee37e0699936735dd3f27e3c62e72c25988ac341dea00aad856525aa9d8dc64bb4715e190ea3bc85061

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\X8M28FTI\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit