Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

mxp.pdf

windows7-x64

1

mxp.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    127s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17/07/2023, 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mxp.pdf

  • Size

    76KB

  • MD5

    b649f9db1184e06cd8a0a34e9ea67df4

  • SHA1

    25157a7d6eba79a10dabef649c88f4388f42172c

  • SHA256

    a70cd2882308ea6469e53a1f56fd83b63fbcde1f9103d6d9c3634380b9d66f6b

  • SHA512

    d338d5b78101325a79b5a9978c2e926b97af5bbe70b4b593b90f03e802abe55d6c051ce5b86545045078389221a2f5e61e538d7c686892d4387c96b6e6e6ac77

  • SSDEEP

    1536:khBGowHKlRrJQhXWZJcbytQNgqZEKLO7zLAYzp7dQDKAHzo:k7riQRrl2wjoOIip7CKAHc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 61 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 16 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\mxp.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1080
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://axobox.com/vt/wp-track.php
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2808
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2808 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2512
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://axobox.com/vt/wp-track.php
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:528
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:528 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3048

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    baeafce26c102ccd5a1e28b415834001

    SHA1

    13dec7f16b9f2a2806b7df529cf0aa9efac4a23e

    SHA256

    87a48ac3547f95ff6e1e476f68b2def588063dc6796744733f3b41f3231412c3

    SHA512

    1ecdf5717f1459d41f6644d70dd669bf20a6516955f88ce8f63a31dff8fad96cba0bd22497819ba7452e5ff803052c7c6e337b327902a81349e5d569d634a0ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72a70131c9e8e2bc66436801b3fcfd8d

    SHA1

    e3c6861ac3ae7e81e1170fa08cbbd756509fc04f

    SHA256

    abf535c1b959561ce1e1df24ec62b4dad1916235cdcc89588037a0f67cd2ab7c

    SHA512

    73ea036863a5bea037e64cc88865144d63c0fa7f231ea2ccfab07732bd9b04a92871ef57f95c538067082a20e8fe18783e575e13e8f7cbbe548874b4d0b8b139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db985b90a5d1a82d33082b33c47a0d22

    SHA1

    b31bf8ce7f23d0088b666f8b08feeb40b500e767

    SHA256

    ece4d82e2d91030589f4c90f934819371131f5e979e200022bbea1fba699158f

    SHA512

    9862778c8020cc2c18bd00040f154331bc25ca8f0872d3198ec60cf80a559fc3e7908299bfac649fbb5194109d572583daae805763c75c41c98ef0826c908abb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbd7bb9a5276c3221b2f9f99f1bf8fc3

    SHA1

    1e6e2e4ff365d4d46cf4b226725133069254caee

    SHA256

    4adee2af579e1548e4b96ea29c7872a37103cd638dd19906faf5b57ce568e456

    SHA512

    5b994b76e9eb23bf9464845f820f92455a651af8920c91a37f5fb4976bfb1374a3c28c1540c9c971d7b0b75c8a1db3ea928ccaf92e45fdb0e05fa5e32e045fb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47ca89cc3f205d4389d4209028d329d8

    SHA1

    4acb00217b1de15bdfbbb8b24fc73c0c1425d474

    SHA256

    ea7c350751ed47eebcb4f875605074da8c3ab7c68ac893e68a2e200549f293ba

    SHA512

    22ecb14006d0359dc25d38ad8542b15cfdbdc86e584a14723bf2e846ed40d24b33e7119ff9b2111e744e083e0230814c4fd44349181bbc444bd1ad8a145e9106

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d42c54301fe715b828ff635597eabc56

    SHA1

    876f86506f83e29442e48b847910511b1275dc91

    SHA256

    f5b2546f6d1a0c00babc74a88a16344cf157f172e46ce06ab88f85ac8963e074

    SHA512

    2aadc768bb6c9a105bb7226d80d5aadf1e689d0ec625c627eb4199a612098e43e654f338b215d536750d650ac07660c40f00a22df4694658687ccf9ecafe9658

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8501c7deb3bbf86ce85840d713b677c7

    SHA1

    5305edf3e548c0389bb8eec9fd526a60200d4ef6

    SHA256

    a9903a7bd5378c5d7b8c503cf1a058bf3399de5d40e17ca35f7ea6cb00a8099f

    SHA512

    3956ba0b73496d5f85ab7971b71e14569127957e34894ce939b551bf739f834ea03d329aff6843ecef4eae6f9cde711ad6579c1d964e343998283996196895c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eeec65a4f7ab126336e17d297d1ce49e

    SHA1

    ad8ddc230d8b870d38dda4c90370a849d88dfe04

    SHA256

    7de52d54e9dc0fcb20a4abe7fea85b838b974c2bc8f174ce2dacd33b39d4350c

    SHA512

    7f13317c9186fb65daac897f1757babae78d633399d358723a674eba077d2cc0d2958472d41700844070eef7f88a441a312f34042f7d555034e4ea1a073802cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bc1e61be8b4256e8263ddea1afbcc0e

    SHA1

    c6e71bf947cdb33c08e7c3cfc3901670bddea89e

    SHA256

    b42ebca4b36918c3887d2d19434112ec16c851423911d208c1efee36d3ae46c4

    SHA512

    50b4e6f9f2c293b41dc76f80f1d0b7db0b3a47ccd601c7285eb95060ff7273259402924902700d6ff62793331df4bb151bbf24ab3ed5f6ddae20cc5da7d4b64b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39d944641281da18675510fe8fc0f77a

    SHA1

    995ff74bc6d1e4d2ddc0179c3aea918e8018be09

    SHA256

    4e249e6fcc9645858cf3e16e975c33befa55824e750cc27dcee02db2b3a1f908

    SHA512

    14fced9daf013e53516ea1df4c9fbe56643ef0f71c1c8bbdd7bffa6648a45c51c0873d737d1f010d04307e1c703fe6bdd61150b82937150aadd33c44a3461deb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{99D79FD1-24AF-11EE-8D08-D63E05CE97E8}.dat
    Filesize

    5KB

    MD5

    4260ebd0b59b35b9f3b241a67e169512

    SHA1

    650eee9cdf79e97b77aff2c639d0f52f1b2c7c20

    SHA256

    d9d823644c16700f439152774925bd6067f66df085f424575872385c2a4fcc52

    SHA512

    2c31b9e89b10e7708ff46a316bf0c4cc506693e1c1fe1b980fc213d23a70542f1d54067be6c0059e9cfe2d21f55c634f00cf1d70584fa949644a106c2fefd543

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3HUPY26S\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab763.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7A5.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    0f42dda4d6ae29a3e9b5acf7c078cef2

    SHA1

    8442c592505d9c7c6d9df6981efaeab534498d3a

    SHA256

    40aaf72143d93bee5c07bb144113a53581ba62cdf6985f1d772a4f449ff989fa

    SHA512

    0dbca4f8d2d8bb83c8db05a2ae24f472a4a1048a4343e748cd78f4981947af5cc44fef8655f9f21df879fba2b155d4d95f37211b3c71e85867a740a53c9cf36f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\XA5KE8YZ.txt
    Filesize

    601B

    MD5

    8616b03218b4e041c7e293bf81dc3b4e

    SHA1

    22e114a88f21f05580e72b96d3f7101d85e6a9b6

    SHA256

    dc66e89b50a21d88d1426ebae72bf6c6dd9b60a5978cdb186efc5ff9b8e32372

    SHA512

    c4ed66153d8cfc497a69ed57eeb1b102ce8ec19921063ea1eb145cc60e844fa6bee4780eb56c028e531b416d2f8cf3046f519e1770c187c3bbb4925b686ab985

    Download Submit