Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

worldbox-m...om.apk

android-9-x86

9

DefaultWsd...tor.js

windows7-x64

1

DefaultWsd...tor.js

windows10-2004-x64

1

machine.xml

windows7-x64

1

machine.xml

windows10-2004-x64

1

settings.xml

windows7-x64

1

settings.xml

windows10-2004-x64

1

web.xml

windows7-x64

1

web.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    07/07/2023, 02:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    machine.xml

  • Size

    33KB

  • MD5

    0869544722561f5aff0eefc83fc7b001

  • SHA1

    1e118f4b5c1c6a7b1858e3fccb1b1d1095561976

  • SHA256

    ef9b9387168fd1dd6c996f96c134d9c44f8eb06f9587004bf997252a520182d6

  • SHA512

    ced7c9a5363cabdb87b01ed6b4ca190a690640dddf5cbcc0438acdc611a8ee942cb6cd73c78d3fc2d59f70171f22ac832a10b1e23758dc92599ee24acd978ac2

  • SSDEEP

    384:PbtltttttSRtNRtcRtGrRtSRtTf5Rt70zDgRt2Rtuj4f1RDRty6ugyunHMSeuWuh:dkn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\machine.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1972
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1544
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2056

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86e5daf5477213afc65ce00d3b0f168a

    SHA1

    37969cb03678534088c8a2c83d4e5b0cb0561f78

    SHA256

    8d1ae4d9e3672da4b76edefa5c78df0eb66dbedd9484f7bf7bc53f59f07ec25c

    SHA512

    5ae375256a143d9c4ccfa35bbf3537d35d415b67ec614e6b3469e203b3e0a213eca8f7f0f139cc4309ec371dec835b3a7089452884a6b2ee5154f615d0b8d562

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc9fa5a7554c08b5e56a05c9199e6688

    SHA1

    a28203d265a211c17f0862f75f1e35ecf83d92a6

    SHA256

    7a7c2af07efbf856d9cadf99c2e211420d8fb80164ccb17b40e6cbbd98d81d20

    SHA512

    029892d80584d25da71d98696b4844854798cfcd3057edb63cc9fe79f0301c5a270a078409246250bdb53ed5ccff9697f5f5a2e5682d42cec8024e07c1ab87a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9855c23d8f0c9fc53fa58de1396d67f3

    SHA1

    cfe86fe5c1386ca68700fa10ff42a5dee2c7d3ee

    SHA256

    70431b0f23a492c55069c693528489116b82c4be4727e0f9050890f8d480f9d1

    SHA512

    ba16f465ad07789a4e47eccc686e03b2dc184563f550e61ae8a30f561c039fb3dc310f7f4ac5a99cb9b20a33da609f0350923c93d38fca9e0ff36eb0f70c8702

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4278fe51a98b14a971534feaca5ac1b

    SHA1

    38693ab9e1c8cfe3dc13e7ebff739d975b0b5106

    SHA256

    a849666345d992e74147d4b77505ac75580af878ba9bc706095eb429d88923f3

    SHA512

    d3b61776535eecdd8030da26b55d0786ab43e167e1c390e48c5010e350d964bb8f981d11efe05dc13c8f04a798dac7f473541d288b6b73d79add26e4145b8a44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75944fd9a8ad7c6f605b53131b340365

    SHA1

    4b0b31e80369900e0c0e4fa8f3deb49afb442f3d

    SHA256

    c089fd8e0cc3e200a269fa2274c4036d5c470b7a31c69b796435ce13b15ee06c

    SHA512

    b00be37ce517ffb4cdf50969d164df18612218e1fdaeb0f254bcc17e105b05eeb733c3b50fd9cbf1f0fb4549f3a8dcdf00e1ea38e29f44b0ee48065028e26cb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a909096c84a4b542586b85ff8d7e9510

    SHA1

    20896c4cd7b2d06ab55d5d4c685c23848ca61f09

    SHA256

    9dacceedc0d057a6c70817bd863a28708ed74206f2f34f0b16e159e016734c85

    SHA512

    92d61d2089680edd92cb35db57a9cc46497565731425db48cddb193b293b913537f065f5a319f07c45f0fd30299ea4f25503caeb7452a6a119cdb9abdfdf0b13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a52756604dc3d5084818416c748f5a88

    SHA1

    675ae2e1feb9823246e2ff8831ba63c04f46e467

    SHA256

    72539a42eab004fdb5a408014c3f180b1e196aeacb106191a9f9d58eb8c2393e

    SHA512

    b174904629660c14d00e8774c962a7b91bec10588e0a6a57db3e8afc85f5a4034aaf4a8f28cade36500368c160e6e3c9b8cdac562ecb18aac7809b4b19f6c718

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e437a8fa82afb81dfb03b0f3b54e69c

    SHA1

    4cbe8ff6cc895d7289315dc1eb88f3ca0a7685c6

    SHA256

    df2a0872a6cc4eb4da95461b54df1f697fd137e404ff64f8aa3fbf7748453f7c

    SHA512

    faac1fabf97e301ea24cb72b95a9665e9b28efd50611c4a86c1e73d79d360a5fa8f6cca6d673b515cf177f512d0c546ae7d2c3ebea4414368019c9d42ed246cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a78a2a3732c39210256b62f30ec43c7

    SHA1

    6482eb04dbcfb64ae7f65d748f89ab227332dca5

    SHA256

    94a8e7a5ca6b381e1423fe2bfc79f97179fcd14cea7c8f7ec26cd0ab3b5e7f50

    SHA512

    6bf78658bd26fa9ea7c0a17de0bf3442af44f54866e3979f93852df987c74c1ad189d5b7f8ac373d29ad427c91e3e3fe29a4fafa3454a01c092f17c1bb8fe8ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXRMASGZ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8191.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8203.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\76809V89.txt
    Filesize

    606B

    MD5

    d1e804a0a305a633c593bdb77623ccd6

    SHA1

    daa817ed03b7be9935dd1df03b865b9b2b9a1fc0

    SHA256

    74507c1b6eae8fcbee28f303bd9bb5abd413c87a7d5b82143a800d694a76b0a8

    SHA512

    a95293f3286d13b572df3010968663229c49fc1601b15d722400b027b2e1736062686b80124c86bc1c3510affe5dd9eac7092e64db03ae99abcfdf86fdc1621e

    Download Submit