Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

CrystalDis...il.exe

windows7-x64

1

CrystalDis...il.exe

windows10-2004-x64

1

CrystalDis...l4.exe

windows7-x64

1

CrystalDis...l4.exe

windows10-2004-x64

1

CrystalDis...48.exe

windows7-x64

1

CrystalDis...48.exe

windows10-2004-x64

1

CrystalDis...it.dll

windows7-x64

1

CrystalDis...it.dll

windows10-2004-x64

1

CrystalDis...it.dll

windows7-x64

1

CrystalDis...it.dll

windows10-2004-x64

1

CrystalDis...rs.dll

windows7-x64

1

CrystalDis...rs.dll

windows10-2004-x64

1

CrystalDis...h.html

windows7-x64

1

CrystalDis...h.html

windows10-2004-x64

1

CrystalDis...8.html

windows7-x64

1

CrystalDis...8.html

windows10-2004-x64

1

CrystalDis...n.html

windows7-x64

1

CrystalDis...n.html

windows10-2004-x64

1

CrystalDis...min.js

windows7-x64

1

CrystalDis...min.js

windows10-2004-x64

1

CrystalDis...min.js

windows7-x64

1

CrystalDis...min.js

windows10-2004-x64

1

CrystalDis...min.js

windows7-x64

1

CrystalDis...min.js

windows10-2004-x64

1

CrystalDis...64.dll

windows7-x64

1

CrystalDis...64.dll

windows10-2004-x64

1

CrystalDis...86.dll

windows7-x64

1

CrystalDis...86.dll

windows10-2004-x64

1

CrystalDis...64.dll

windows7-x64

3

CrystalDis...64.dll

windows10-2004-x64

3

CrystalDis...86.dll

windows7-x64

3

CrystalDis...86.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2023, 03:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CrystalDiskInfo_9.1.1 #azo 病毒 0 (112.07.13)/CdiResource/dialog/Option.html

  • Size

    17KB

  • MD5

    1639dc3afebcb77a24f2b76c060681be

  • SHA1

    4d5be3e3eab978f344602c9e7f8a5cf981ae7fb2

  • SHA256

    1c33000a9201ab7f6fb76a35adecd1a3b4a0ab7e21d4adca9b7ce47eb0438eb9

  • SHA512

    badeefa30d01331fc8a0ccbd1478ffb265c602737c341ccb3acd33484bf4e622c27cf4d0896550e3077313b19abe4c127002b30cd8ab57c30cd1d84fd9cb798e

  • SSDEEP

    192:u6/T7J+jh5BOfalBZOlVSY7SM+UJBRyHyl:uw7J+jhfOfXp+u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\CrystalDiskInfo_9.1.1 #azo 病毒 0 (112.07.13)\CdiResource\dialog\Option.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2380

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e49a7d2eab309474f6f31c2dca2a6129

    SHA1

    94047a6281a526eaf59797e8fde590b6e30b719a

    SHA256

    edacf3fcb5516b274a21bb97a6e1c826aed5383d379b7bca02d4ad694ffd5ccd

    SHA512

    4d77bbd975f53809fcc17a0e1d7df254ed5884ef544c983258aabe45c63f8ac6d55d0dbf90d90f3a30bdcd7ab923c45feae4c7ace11c312650c1fb2d215559a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dbcb747a678fc6c2e83d19a0197d9042

    SHA1

    efd4ef302ecc771b4e7a46335f2b50e30c5411a4

    SHA256

    ee717b50b1b9d841a2cd8be7ffdcc420856f6d260e1d4c11e4fdd36fa6c65e35

    SHA512

    07b5ea40e0b06ad8c52a2957371d491d3d3056e54493d02569e7b20b62cff6dad24af122294a4c4a4379fc7038ab9410dbeb0e5746027cd0d813907fe8526a37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ab7c8c6c8c5edf1694a2bc09752c60be

    SHA1

    d34d43eb742687ad3681932e4da84d46f2b7ce7f

    SHA256

    b47f4a937a4ccc6ff4adb33f26d574c0351af39ad30e9a5467a47299d34ab957

    SHA512

    6edad4ac06c9443bad3331d1768214ea396af192a7dc5ddecdcb5c1dc88de3e4b28b88d36288b0905c119193e460b4ae79aac73b778ebe89ce37b3b45609fe39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    83b73ae387c04db8f69c5e521cfca5fc

    SHA1

    77a4c8e1ff256e946e27dd8ec1bb1554365b3465

    SHA256

    0ae1c857ef03babd1518f1d67c07c7b0757deaac0c81c801e0e363d13c934a43

    SHA512

    2a28cc6bf37c710415aae7b611ee83763b9f59c503c21335777cfb65deb74917f62c45fc2f012e438e6d865942643bd27ed483fc6dbc84f166d847bb1dbe4f24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6367738a01909eb3c2a4e673464865d2

    SHA1

    c106c8f115ff318ef20f1e9086e557b82b2c504b

    SHA256

    d19819d0e65de1a09196700a5244f048c578e8d9ffe183e7fe2875ce4a2dcabd

    SHA512

    6ddae666906be90edc813a8e0426de7f9cf63ad36de2878a962a96a4699a0e223c0483685638d3460cd78c16edd99b67e487da18cef1055296e063e2923f5790

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    63f1c3e276f874b70ca1a9b608c6e061

    SHA1

    e9af8ecc87abcd3772cc9de96b315c7446a0904e

    SHA256

    4877ac70618766185303458f3c2d35c981af4f29a14ed879df0188cd620079d0

    SHA512

    3a53c76cc739085bf19ef3976c005226b2d05ebcb8581e42accb8ec79edab9218e972fbef6312dc7facca932faf1984d04a16d0b921061482c564dc4b3f95a36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b428798477e6b5ea94b689f2cb3e700b

    SHA1

    43795dacf4714539b7a88d82ec9dbde5e1fcf9ad

    SHA256

    93409dc7191549acbc81ebc446e452ab6a8b9b5246d2a4ed4c4dea8f00653928

    SHA512

    76f8f283328776380fa4e0af9e5ff531f50d036549ba31641396c9748c0b11bd168b20c35f99a66f3f2c5bb49c24785a60830f864d2d8d94cb6ee2ae050a1394

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    358b9160e7bef373e7858f7610d97dda

    SHA1

    3a3fc19416ddd90e9dae474566fa3ad0e3cf31d3

    SHA256

    23db1e03a05b86eef6b0841561baae26198509a6ac7cbd638b873d222bd20bc8

    SHA512

    787c23c0e4eaf9c6fb08ea85a6df54ee7ccaee7f3ab750991fe70c9475df3513f98269101012ca915ceea7d8e24f807d78d1aabe071ae72a90b8df00d6eb17f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    367b0819f32dd25f27814914a06f37f5

    SHA1

    6c30febeeeac05aa7aa42468c10661063341177e

    SHA256

    52546170b6d579a938171613780b7043587d7d43adf4aab944c9dea09eda1a4c

    SHA512

    bdabb5bc4b2caa42878d538157a89971e6a6c3a069ce7d595e3ffc8c1f7900ee1275d44c40ea7344eb1e15ee1da09da3540856b398909ee339a893f205c5d915

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AJTUMOT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4260.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar432E.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VE5NM90X.txt
    Filesize

    606B

    MD5

    82b70c04994d109aad4dcd7719a919ab

    SHA1

    a69e4d9d934323682c2e5a7fc714c282f9a17bae

    SHA256

    764685b43849595387f6e944ee297c3ab6676fc756b42ceeaa8c26f379cf3c87

    SHA512

    a4bfb3aed6fc63148cffc615c23dbc2470fb550cf42a43615bd56cc00443a1acdbef39afa119eb6072bb988e414c55102669f09e2f9e33be834b42939c089023

    Download Submit