Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Untitled a...04.htm

windows7-x64

1

Untitled a...04.htm

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:37

230706-w9zvwadg55 1

06/07/2023, 18:23

230706-w1la5aeg9y 1

Analysis

  • max time kernel
    143s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230705-en
  • resource tags

    arch:x64arch:x86image:win7-20230705-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2023, 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Untitled attachment 00004.htm

  • Size

    2KB

  • MD5

    54bb99cc5c1f71170185d332a2abc2c1

  • SHA1

    20f25d1f61320b1c7058611e8c569874c84c23e2

  • SHA256

    c5a695103bfea2f1fd6abe65764819572d95fe43d62f2f1d3d95182da1e5132f

  • SHA512

    b39614041966586adfdc174cb4da92051aa7f1c5965fe6df81f816deb9668f387536e08ea361023e7a9d4b9d5629009f0b1dd5775bf5356a6291cc1f61efc011

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00004.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2124

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5053f9685b4f69122330c9594d28e286

    SHA1

    2512f7cef168a1109ff9bff5bb00c8c8ac48e5ed

    SHA256

    a701ec66d3ad17f13bd6991e16605eb54a7541949c95878f1dba6f1c20e215e4

    SHA512

    995b14dfe32641c2662010ed3d5d61d0e142f67db77d332ae1bb310d888aa8de28a5d58413259ae2e13e8723acebe091efbc4ce218f560f732a8b864ff3f8220

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ee975f36c023a9e5ae2e16ca5f695dc

    SHA1

    288fd208fccdd4c008c064701eb776003163df99

    SHA256

    79b45583570eab0b0421d543165b792107b1537f469347cb2134c349cfbf42d1

    SHA512

    672a94743020ff22e4c9ef95a969c8151cf8be566bb9587ae252e4553da5afb428e352e89922aeb3fbaf0f7bc1a5d07d249dfa56f5379fef6fd0a92c0adadb14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86cce08e8764fced91455776c3541eea

    SHA1

    ed989db893813e29fe8dd7776b04383aa55d2151

    SHA256

    2937896e804ae4c386b00812676e5a20a8f7ce6b2bdc68679d24b6791061a98f

    SHA512

    13db3eed162f1757d83f69b16177c4af185e94627405a75cde2c8ccf009611b682c9f95952c05837ccbf3d3c15bfc467640b3a3800f9d02d7e29c83534770bd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69a90c285c9b0cb9829c0ca735413403

    SHA1

    f186a2a7b0994f618d6e13227e1d37e6db1abdf8

    SHA256

    080c777c0c2503982f8ec92ea23b263e6c350bf8cb34119820d8582b6427c387

    SHA512

    a66c399ff147836c98c814a12945be93aa08a269f4aa3f44c55cc4e1b0b947be800ebb84f84c78e66b16485d14424b7d31dc5ad1a005f5e8b756036e0cb8d1a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d4bcc71b363febaa121f8f6f46cf678

    SHA1

    532161e81944469ba9476cee9567ca852b7da3aa

    SHA256

    535e75ec558ab245a4e36f8aaadc8d584fd0dd6921d909c2928df53ae7a7155d

    SHA512

    a2f64c1361f4365f49bb49e32ac60d007b0beac192fb1b53679089dc46e6ab57fbbaf99c39a7b277f78151982748063b2b4aa03719581a6642faa6e952e33375

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e22e7a778fc4430c22b00b56b429660

    SHA1

    bcf313e738e39930d85d5515d575bb271b02046b

    SHA256

    57fe55b36c498caab0ce2c76889f3b6cd6a5360fe5b1fda6cbc43097d40775d7

    SHA512

    8ba4509ef1202996e76ff129bfd1f5b28495aa8dc57d7614690f05ae49a394c5b6b9f18a454d402b41e9aa93534e6d6e5a155867e83ae3ac33b9966ae365d591

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5I9HDCK2\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAFA1.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB015.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\3VLKHHGO.txt
    Filesize

    601B

    MD5

    ba2995ba88fc4781691aae54f12a4f2f

    SHA1

    e7743940791dc40a4db216468943defaac90585c

    SHA256

    f762cfeddf12f3bb6aee5f160672dec340a6790b86d0107222dcbdee952ec9f2

    SHA512

    b86b8da2fa01ce3cf37a8ca6d5563ddcafb333164d9371819e39cbab963125787e36eea076fa26f3fd0659455bad69f57da37d131757c00ca8136b4eabbe60b3

    Download Submit