Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

PicsArt Pr....5.apk

android-9-x86

7

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

1

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

1

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

1

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

1

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

1

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

1

callout_oval.xml

windows7-x64

1

callout_oval.xml

windows10-2004-x64

1

callout_rectangle.xml

windows7-x64

1

callout_rectangle.xml

windows10-2004-x64

1

callout_ro...le.xml

windows7-x64

1

callout_ro...le.xml

windows10-2004-x64

1

callout_shape_1.xml

windows7-x64

1

callout_shape_1.xml

windows10-2004-x64

1

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

1

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

1

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

1

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

1

consentform.html

windows7-x64

1

consentform.html

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

Analysis

  • max time kernel
    116s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2023, 14:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    callout_7_overlay.xml

  • Size

    1KB

  • MD5

    13da4f83c32b6af839f40448ad4093dd

  • SHA1

    2dd817cbb6c2198c9b622bf8a4a4bd0f58c5980d

  • SHA256

    22a5b339c8e15d0b1393e540966b414ca577f1e6c2c4682bef22e98f74e5a5d3

  • SHA512

    3c5e37b7638099495ca3773edd1b4c780ceced0db68749c7c7437ad460ae765f1e3f952e146f7851a778f9dd32a5c7cce57ee616c0f015231b0071c9a39013cb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\callout_7_overlay.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1392
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:560
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1176
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1176 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:576

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b3c8c842a78d8bd63efff8f94b5741d

    SHA1

    3542f468b9257fa1894181f6ec00983d0763e10f

    SHA256

    6b12ec5a1bd35f25465b7076e7b97e75d7eefca6acd7bc3b61f37de2e36f0a03

    SHA512

    b00dfc7a06929c432f398fff5607a078ce12ce70b7a455741e701898054d51e7c03939d15ef25c4cbe9cb1eab5e6c5b9eaf9e9226342e45f483619f1a68ad260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de31f47fefe27f1d7bcb4295aacec9c7

    SHA1

    347fa60c8c1dff3293f290b86f48bc5e85ad612d

    SHA256

    cc023e7c8a4c55de5b04c876d522926fc4b95e7bbc69019a17ed125f3a3dff82

    SHA512

    dcd7f8fb48b582a488a39cc45df81e32bbd5059313a67ca5f354ddfab77ea13713fced30e8cde6a0fed52d9166fa961c33612e49289a68b0347ac6cf01b53aca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fe7960167e99891224b0b11e7616b02

    SHA1

    2d0b1db79cd20cf93b4e5e8b9b45e84d8854ee57

    SHA256

    71905ae7fcde4e7bd073ee2e49f0b018a7ccce646394586c8275c2af0b0af5f1

    SHA512

    305435e9981f952fb65541a4e3ee645d59a7e64b4bb0b2f6a1b92b915ac8042e0afa422beb57f1b2e3a9614db38b943f5d8e5bc423df5a18c87d0fb20a187669

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a1cca3e97921b3ef4b8b7756d9bf989

    SHA1

    237dfd1141601679378785c8828c9b39b0a28421

    SHA256

    d9b85a38ab3f3c098a836f238ed4387a4d07f43beafc3da532711e4433fe839e

    SHA512

    8f07bc745625a7b4fb9de730e52ff0a744b7836105718f211b29c69eadf20b99b11dcea27038ae7d9eeef0bb4525a1f504cf88fe05ecc73c42e092fda3b9692a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f145da87d909e3e8ae3560df05ff9bb1

    SHA1

    a1b714168e6a141ebd36ae53b9ab9a238f91e605

    SHA256

    3dcdcfb90e4a466b769163a9e370ff61ef7ac0f21b8998c7a1d50be3e9a89fdf

    SHA512

    51a36fe125ebe12979b928c0ef836ee561f029013e60ba354bb1b1dba788a9f2252590609bc218eb8159519f37f921f75ebd08711b3ca299c59cad2cd9538d9c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HZMQ0AZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab928.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA16.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Q7UJZYL1.txt
    Filesize

    603B

    MD5

    42a3b6ebd17ff7872eba82e28d08c6b7

    SHA1

    04f550c71fd415c99c0531986017d55ca798e5f2

    SHA256

    6812d6165eea53b3387d64dda6c976276bc1636c11780690329e5903b9eafbf3

    SHA512

    e9568d71e45af9cf843ab5fddfde23285a9a6e3de7994c89b7221635d594ba707fdd53119881292698991b2e7db7887d5ddb2dd20f9cfab23e5e187150aae111

    Download Submit