Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    145s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230703-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/07/2023, 14:14

General

  • Target

    callout_11_shadow.xml

  • Size

    2KB

  • MD5

    a43eaf2037b2a882b41912e5bf68e3f4

  • SHA1

    b1b73e482269c1c5370f7a6e4ab5a3b47d2c6373

  • SHA256

    354cbc8433a0fb42c500fa7039f4c7254db20eb9f589f8866846f142c45d94c2

  • SHA512

    5aa4640b5cc83376ae6f61c80bfe6e1aedd2e6eec2337f9478f4a5544cba6b1a09fd46cb4c93a8313d4843a7c42b498f610bf51ca90d476819088e8fd52b2c69

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\callout_11_shadow.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2208
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2392
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2292

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5154befb493164214c61ba84a22edbe0

    SHA1

    0a86b03445c1f2b947200ec59043d7d057349669

    SHA256

    787480e94b08e4b88785efd05d602ec63742a697d84e47bfe64bc6b5cb515dfb

    SHA512

    cce4cf13e7a358d95c1415b1b51738218f2c45523c34626e34bf7bfa4eee43a20abab26309cf64a52882f50426c8c299a6556770c633c86db9cc7e994871daef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5b23c1847afba3ae955c78a154ff2a51

    SHA1

    c94b6abafb4a8116ed86dd0b7fbe0f4a5d0cf17b

    SHA256

    51d5a4658bf9b50f668045611708930bb790a599789162018c7d3e5e330d5c84

    SHA512

    3cf70d5782c05ef89ce5227a0684b5ae68c1b43a068676ee1b995c341d34f1e319abd2fce4b892825a2b74aad16d1cf97a9ed5113b58966fd339c7ec4d2df57d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    899ddcd5982fcd39ef158f99b5c70a6a

    SHA1

    758e00bddee231105c415d7eca358db36f704ffb

    SHA256

    2f2604c836fd5009fabdb9f2bc0c017fd3c30e981cad1b56f84c61c8ddbd36f8

    SHA512

    ad9b04056c58dc62988bcecec2263757616933ed50ffa65e71d08a22df532cb977b1b08984eb9bfbfffa89fb9665750b457c56ccdc0eeb805a4a313c1a8ad19f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f5078978fee1b94283f8498524bf5057

    SHA1

    cc59e7951451ef9afdf08c5c086a2a5161db342c

    SHA256

    8377150ac7cb623dbc617b489bc9873900416e98e2dd518eaf93623ca97b38b9

    SHA512

    3c35b3a7a01dc18dbc424bdd2dfc6b1c490018f5cc22c64e6ec266e8bd0a4aa9df42e7280583c0752b0d79268ef1de280b7af6051bd320c3b6d244ebce303034

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    faffa238f0841ce7e594be2697b86f0a

    SHA1

    2f272b26371fdddf75105dd187cb8e8e89fc22f8

    SHA256

    352857cd50429590fc69f4f3922d4b16376f7e71168d31f7f92d5582c28add06

    SHA512

    f8fc66233b7859e24bae2482b39b2cc95ca0105ec45e616e720bde4cb268f4adfa872cdcd1cfdad02af90a89ae3dc32bf07d93be2b9848d046fbc5e29159d07f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3de785b2ff8d9d43af730d70d1864bab

    SHA1

    616724eb601815664c79f23f59b94cc28ce7c43f

    SHA256

    64d57156474f8c155a028293b7c513dbde919dc8aa458d53cf54092744cf16ab

    SHA512

    e84dbf7819f0f7f0b8a9cb2d61960b1ee141bcba56598b64f4e476b8bd8698018fcbbdd1b28cad67b44529ec75e8fed34862690c2b1a3fde934e93ed718b155b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5f3650fcf873dcc741fa4914c305b764

    SHA1

    a948c9a7da9e390aedc79d40390b5aa9a28b73be

    SHA256

    60387ad8e741834ae8e88cea3e2ac7ae1ff4a546bf070275149e2e6fdf33c582

    SHA512

    7efb0c976d6806b11384a5b3de326b88778d6631a95935643219a36ab354a035eb4a1229393f27b982380bafc9b9b195124bc41088596717f1f46f12ae8cfdf4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1b33513b93dd89cbe9b3ef25df443e6e

    SHA1

    3990afab47f7d6f0e28d9cd064c3640146bec931

    SHA256

    b0448269334472eb1eef03b8cde0b8a3e15d4ca5e772f6ca7547af37508d2e2c

    SHA512

    10230fc40e77fff320f7a8ac90e94eb6a080c104feec239b824a18d0e506877f214d0f7ab93d2b493da79efe3a5d06df53c4926c9a6497d890c9794bce54b3a2

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODRCOPYD\suggestions[1].en-US

    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Temp\Cab5219.tmp

    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

  • C:\Users\Admin\AppData\Local\Temp\Tar528A.tmp

    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\KUN19Q8D.txt

    Filesize

    601B

    MD5

    530375db41bf3d99e823a2bc8c3ab5e4

    SHA1

    5ab7dbdf23b00562f1de77aae7a01d838e4562a5

    SHA256

    ece4b33b3c78f144142fecf3a1ed4a1218287d05e8b784d79d90929e096567cb

    SHA512

    332bb7d6698e29a2afe82715884ff1d6aad451f593f2ca888375c3c91b4179ac4a7a48c812380ba2dc3b448dcd24a9da3390652030eaeab461f44369d96e5d92