Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

0bf73ff0ac...f5.apk

android-9-x86

10

0bf73ff0ac...f5.apk

android-10-x64

10

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

floating-s...ed.xml

windows7-x64

1

floating-s...ed.xml

windows10-2004-x64

3

floating-s...te.xml

windows7-x64

1

floating-s...te.xml

windows10-2004-x64

3

free-text-...ed.xml

windows7-x64

1

free-text-...ed.xml

windows10-2004-x64

3

free-text-comment.xml

windows7-x64

1

free-text-comment.xml

windows10-2004-x64

3

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

maction.js

windows7-x64

1

maction.js

windows10-2004-x64

1

menclose.js

windows7-x64

1

menclose.js

windows10-2004-x64

1

mglyph.js

windows7-x64

1

mglyph.js

windows10-2004-x64

1

mmultiscripts.js

windows7-x64

1

mmultiscripts.js

windows10-2004-x64

1

ms.js

windows7-x64

1

ms.js

windows10-2004-x64

1

mtable.js

windows7-x64

1

mtable.js

windows10-2004-x64

1

multiline.js

windows7-x64

1

multiline.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • submitted
    26/08/2023, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    free-text-comment.xml

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\free-text-comment.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2344
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1396
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1396 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2900

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    5b77205ff8e13d5534a671e6cf4b0e1c

    SHA1

    2f8a222007611d78ed3241a7bc66ed7aa7e3e844

    SHA256

    df8ebab5290d08227c2dfeec422375269fb2ba70dc23cf3324f49cf45c3fb987

    SHA512

    d4ba8d2617afa8eac62b583137046c23eb27b61ea3657ac2b2ca127d0410465d6f2e00273bf3882de47521cae19826005578e750288b2d03c7fe513a2b0a4d50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05b49c5da9b3c21f94b75be7150c2156

    SHA1

    e496aa7591ba9af60d36b30f44df042229be7ce2

    SHA256

    d9177f866acbb909e7228f6f37346ebf0ed36537db4c6ac3e07f2c0b6046be4f

    SHA512

    f0bb5aa8beb78ab3d4793445bef9ad0a0a7166304881e9c81a3044f071abf62884f37f47b9d1b31c202304d207d4a9dd9dea64a32d07b418d2c64a451677e110

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9fa2eee6f13f1418ed22c2e085c336b

    SHA1

    bcdb14f0e6bbe6cd03e8a627012bb5c2b5f5e798

    SHA256

    135b0db470b053ab385721beb8a4809c4d5bfc1679f0e0fd2738ad97b1935f32

    SHA512

    e13535e32f059d154ac7665eb67dd9f7f3b421a873c592a00ab775416282f346ee253b04c0ebf856c641b4ba4094b35dea5507151ae9ca81a52b6f78a73f9bb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cee6aee6d8acaf7b4de60024b5ee2b2d

    SHA1

    decd5c0e9eb98a33dbc64689e200b0905cba7265

    SHA256

    a28fd5542ce73683d9bfbf3177977dc18504c88a6a635fd146d315ddb5b89adf

    SHA512

    fd5401de793b0a4fa111524a3415c01249e1d0bca89882c32516d415c2838fff09db2dbdf68b3f4e854e440d1a12ff279d1993564b0bb268eb90ba80fd215af5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    918fc91b1bfc0b5d2cd13018482a7d0c

    SHA1

    a97ecab6ac1cd45aea8c3628e6e47d2e3c230a43

    SHA256

    0f45902873fbe0109177a9d8b55693591f64af70e862c6611b81abd0f563cb79

    SHA512

    3acf98ca5376986c6fbe97db9294ad24f69311a27b12b3cbc531d0572c994b2c42c47471b6ba2561f444902c18f1ed29336d4d817b5d47ee0dc6c6c1e425faff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b830121e38768ee52dbfff75643d576

    SHA1

    e18075fdda41987f97ea3dd512a71c132d1a4218

    SHA256

    83913f5854d089bdda2acb2309d7083ddeb2917e75ee69159da7ac9aa9c6098d

    SHA512

    84ab6b4cf2d27fbb5a561972f26b8edbe390866f21f562c26e628bc9214ba43aaf0830fdc5b37fb025b86fbdc2a1438206148132261fd336614f8df8d7d3e80d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    972ae4c958ba397074c9142605df0049

    SHA1

    58d6be7cef2918514f1eeee028c8161bd4eed5b1

    SHA256

    3e45b43fd38022b7cbd9ff78a8004d0f407a8fd67979f47cb3ad3aad3062ec50

    SHA512

    b76e4d59e60051349288acaa04949e180c5eb0f398ab42e86d84a852daf334692d6956390f4b1dc09b41582a247110ee982e8f49a87da84688d14a3226fee23d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a61596d628957dfc94036cd09be1af31

    SHA1

    8a601329c2d260dedb85a4f7c1f4a6781edce276

    SHA256

    9ad58176bf4b239398f3efb2d9fbf3d8e9b72af6a8c02f5ec56365e1aab70993

    SHA512

    16a02fdc28cb54a940311590b2395a57ddc62eafaebae7572da3e6fb5b27717345bc64456491bed48d2798a058c99811f6319ba22ee12fcea3bd8c1769348498

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71b9165452d94179ddfdfd820392a92c

    SHA1

    3705822692533eacbe51b741b0a47e5071a90bdc

    SHA256

    1ab7e424afede64ba71e69b90cf23bf7e8cd15a84dce8b742ef543d1861c633b

    SHA512

    5db09e31b121a555a0b85cac187c4e29f2126971d158f861601007579641b132b19edb934f05839f90c80def5998e9838c21257b6054e06847ba58cf8da6b57b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cf591c7e363e271cda923ca96d720dc

    SHA1

    ed2adf4f9fcc3bc27a1749f028b4871ce3a40374

    SHA256

    693451e83a88ba195c9cc5dd98873488ea1c1dc267887a55d15f1ce26736125d

    SHA512

    3c58df27085d60298903b862762a13fa7e3941116a5f784c1a0f055305c79233ca0c6b06b96a0184534a5507e257ceab23c405c9a856ff0649e74d1f20cdf694

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc3dc445b13f16e823e1e43d6cfe0ce3

    SHA1

    0d8ccb8ac2aa734585193c4c17fd39f1eada45c8

    SHA256

    9aa2065d57fc963dfa06f804fe58ceda68725a7a788b65ef2dc0d841e7aa499d

    SHA512

    eda4f8a2380113789fc25e0eb78492125446cb97261f0ef58151d9b449eb1e1c74a5b07a8eb34d877f6c75e499df095c92cf9e1046c4d3b6886042ec823689e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b40b86438c751731afb2211bca4a44b

    SHA1

    5c93f3b6a8713b41c9b1bd5c83305528c9b60ea1

    SHA256

    493f3db6535ba1bc19e2b1faf246b30a4bdfad1a48033ef1923aa7830b9265b9

    SHA512

    c52a6423ec7e9461f827aac8028a995261068f31184245b46ea185615b98dff3e9366469ce8588519019798ee46936e4302d06f365b494a70f1200062aa91eb6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab93CA.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar95C4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit