Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 260s
max time network: 1802s
platform: windows7_x64
resource: win7-20230712-en
resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
submitted: 08/08/2023, 12:05
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://shorturl.at/bxGJ5
Resource
win7-20230712-en
General
Target: https://shorturl.at/bxGJ5
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid   Process
2216  chrome.exe
2216  chrome.exe
2216  chrome.exe
2216  chrome.exe
Suspicious use of AdjustPrivilegeToken 64 IoCs
Suspicious use of FindShellTrayWindow 34 IoCs
Suspicious use of SendNotifyMessage 32 IoCs
Suspicious use of WriteProcessMemory 64 IoCs
Processes

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://shorturl.at/bxGJ5
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID: 2216

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef66d9758,0x7fef66d9768,0x7fef66d9778
  PID: 2588

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:2
  PID: 2092

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:8
  PID: 2468

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1552 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:8
  PID: 2868

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2136 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:1
  PID: 2508

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2144 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:1
  PID: 1248

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1384 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:2
  PID: 2780

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3116 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:1
  PID: 2372

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2156 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:8
  PID: 592

  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2444 --field-trial-handle=1284,i,3895522946770092214,8168821555461482060,131072 /prefetch:8
  PID: 1540

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
PID: 2892
Network
MITRE ATT&CK Matrix
Downloads