Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    107s
  • max time network
    225s
  • platform
    windows10-1703_x64
  • resource
    win10-20230831-en
  • resource tags

    arch:x64arch:x86image:win10-20230831-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02/09/2023, 04:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4a7effc3779660472214103984f3dbab0965bc20605a6cc5f1f4d17ddfd5f998.html

  • Size

    229KB

  • MD5

    393ff39b2ccca6e961712bd25d415902

  • SHA1

    c22a6e068b65c624c5f322b73a97c6967457a170

  • SHA256

    4a7effc3779660472214103984f3dbab0965bc20605a6cc5f1f4d17ddfd5f998

  • SHA512

    db5c1aa9f342b6a3f96442e9acdc6df345b7e3bcc8cc7e5bd6ea426da78dd47bb146cc8f0d2c832ecdea8720c8c2ea1f6dbf0abdb313ab82e8f417dae56c247d

  • SSDEEP

    3072:Me8T+SjaZah+38dz2edsd1K/za2pIQ6ddUNstRF7bcF0bP5Fylw/FcYcPFko/Eb+:Mj+SOZSbdsd14lwv3Rq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4a7effc3779660472214103984f3dbab0965bc20605a6cc5f1f4d17ddfd5f998.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4868
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4868 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1436

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    24be8a92460b5b7a555b1da559296958

    SHA1

    94147054e8a04e82fea1c185af30c7c90b194064

    SHA256

    77a3cfe6b7eb676af438d5de88c7efcb6abcc494e0b65da90201969e6d79b2a3

    SHA512

    ed8ef0453e050392c430fdcf556249f679570c130decd18057e077471a45ab0bc0fba513cb2d4d1c61f3d1935318113b3733dec2bc7828a169b18a1081e609a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    3a50ce37c484741b6394155c1f7581e0

    SHA1

    19bbc1d0c2b6aa535a01270633d49160b0e4630e

    SHA256

    2c16cea1471e4e46950429a7c0ac0481e88a24d365ccc0398c1e6a858d577140

    SHA512

    64ef562f568d14a3da0345b8c58e91c7416d0fb8707cc704ebab0bf556fd3d6b9c7c9d20e88632bb851f4e82a45c3144979dcbdf3706088e6b89c85fe3347cbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    342B

    MD5

    964ad23b486ca17848523e65dcc6c5a5

    SHA1

    e5d8c2a306ad16101dd4f0cd44534d7a606e6868

    SHA256

    2691b2430a0bc56a4d17b197884629fc2c1afc900368cf0a25b2ee2bec6a054c

    SHA512

    488d741441160b11f07cb8f75198f1040b9277e42191dce3336d0361e33797cd8cc41a1637037cce39e5dec7296b362a3413acfd442b1b0b84975dd298c0b098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    d7794e280259b2017bbfca61638f6b1e

    SHA1

    757998a7f49d84eeef5ca38a744b5e30058cc15a

    SHA256

    a9a8aba38607761e83ae420338c259015b1d9d446341b980c4988e8d9e399854

    SHA512

    ea24eaa95eb372a1df56225cc203830fe3ffff42eb410850b28ce0084512523a6cdc30e18145af19ed401c76f17cd46343559c53d7bb18de45f3ed65c4eed38c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver8D5.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K6RWKFI\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\BOWX5EAS.cookie
    Filesize

    610B

    MD5

    c1f9bd94dea06ae120ebd9139e903824

    SHA1

    fef192d4633efcdede40813bb132a78ae54bc07f

    SHA256

    16fa75d902f7508382230165885c5e50a47d3facf62db4c7833eb24150df7ddd

    SHA512

    3fef954aa401274f0da7f582de3c12a62562bae7db6dba1d9a8e470de63736f6cef3d42a23efc2e15cfa5ee2d4983586ffb1dc11c52095425c3626d0dcc95fdc

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\ZP4E9PHL.cookie
    Filesize

    645B

    MD5

    1350a6ce63473f5ddfa9408670689a6a

    SHA1

    f4a288ac4fad75bda512cbf71c3df1b9531d43fb

    SHA256

    87c7a33a59a08aa7d5856a53cfa4128c39b31a4cc7ee5f8da049eeb98252e441

    SHA512

    327cabd0145e494d0ec911b752ee072518ca284433dfe944f8c758d4b330e7db55f7d463e22b6f60e69f2080ecefdd487e3fd3e85a4141181aee7b6b7221a8d4

    Download Submit