Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

You-ve-rec...t.html

windows7-x64

6

You-ve-rec...t.html

windows10-2004-x64

6

Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    20/09/2023, 08:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    You-ve-received-a-document.html

  • Size

    262KB

  • MD5

    40dd3751bc81cc2b0600467f967086a4

  • SHA1

    1619c6cb8d0eb43ec3feefbfdc43989b12e1cdc5

  • SHA256

    55d2a99c28f7e0f577bc434f438e015e41277a020e20fce078c029a30009f901

  • SHA512

    52e43ca05e0a5c6c01b7be60091d7e94b4add4100da19147c03e8b89a4808416c5087344441eefeb35f124cc6ff40e0e5b9075644defbafd6bfac1d7f0e3e73c

  • SSDEEP

    3072:EClpG5Opmf7VYgxYDCcCit1QXgFQFKJG2VRGs9YEA2bbq3RARGmbAw4PS1f0zqwF:EClpG5A/EE+cWVN/EE+tJT0

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\You-ve-received-a-document.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2544 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e51374d335ee56e07a14a8073fe699b6

    SHA1

    7bbfd57f3c1ad06878db447a93c4f2d4797f949a

    SHA256

    5614a348ba9e49d16dfbf6b1c818c82c74893bbd760847d932fef92259a630a7

    SHA512

    203671f31e03f713eeab11fe7e0052e45f1c1f3997138b4810e8d2f8f2e96a50149757dcfcd5865b5f5102c7d3486978215b40c5cb82ad71d44db0a7d698f442

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c868c67138bc857dfe2861769d5a2e68

    SHA1

    cd86366132a30155a5602f79173bda17d43314d4

    SHA256

    f756e84fe90f16a8e798140cb32428ccf3423ec47f5aff1eb3e480de24c6f75f

    SHA512

    7da3b0cb0a4981170a2881a424b355abc7963afc3d67f906e909a8c56033d2f3e2263e74089074f09fcee1ac14d6b3eab46dd98887233ebea8ee319f8d6c746c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0979ef49c405ecf75c120b4f1b955be

    SHA1

    4c320a0fc1d5b673a8b309ff1c317ce74314501d

    SHA256

    1f5dac66075a056dab4bb86ca051d6280468b7d0efeae66b77d2cc6255b728bd

    SHA512

    659f4145c5ce20a5a09f4316e3579ac68554f4e7c147c226eed207cccd011949111878cf9b54f44771a65594bbc3983a41ca0e131f3ce5cc6eb4f69ab1ff0736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5a3b25d97c738600a493955801425dd

    SHA1

    b2b63d6c5d69c4cc6778ab64d73fce104749bd98

    SHA256

    d45975861a225c78896e5f7ea594902028622fc043c456b07249dd97f26af857

    SHA512

    dcaea6feb7556afd6560203dd1852c9fb8eba619dd03a8ac966f3fa75ee742aa05c4916d40405c6fc6dd2ca688aea3d2120112ccfcef99659fcae880d6517ecb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c9b2f50cc25b54d2ae6a3ed31a8f261

    SHA1

    0b6d7f127391b4dfa9fdcf0c7dc5a5a01d4cd635

    SHA256

    f1ef26bdc3df2c525018fff4d40b45a907f878cc2449bd70b7016d9a40cd35f0

    SHA512

    cfdf124c78c5974244e97e2d2f5b0699cb3a92cd6a8ab4263ae067179708771004b61961dd69a8d22c0707d68681fd39daac362e10d09e483cc99f990133fd3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3437794825b176d475fd40410fa98f15

    SHA1

    db693e2e16edb80be7117a629981d805d821a905

    SHA256

    ca47220a4776bff88e28a2dffb1b95ba9b2cc7a390c0c81d9719cfa317d945e0

    SHA512

    37ceaa5f36f32da33a9121b64bd3e99f8b4b3cb1369355420607fad14945a855b7b9921c8148747abb21c01be1e92494a75b90fae0ea4b9d69c80bb96ab48e08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c864a5e875464ffd53aa21497971d36

    SHA1

    317bbb882cff50be2c4c97c30f3aa5dba76ecd9a

    SHA256

    42802e5631a4c09ba79521a751fbb5b1d7d550d00983861d982e288b9f3e3f79

    SHA512

    2401beecc6491f1d80c30e784b4f4a782b18ddd769076359d1d31586aa248d6281a778e9b46f094c9286b73f479588973107e71e424d485e03b3b0a30fbbc29f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    66ccdbfb0593a52ea99c3e1de8c74b40

    SHA1

    2f6ee5855f5961b60eadcf47c6f417bdbd5503f4

    SHA256

    1433ec25e778cd046d2cd59325b1c9f72c4d00c2d0b2b586db8fe56c64490cb3

    SHA512

    1cbe1cec378f21561c07b3d9c7769ef5f38b1177c5b5df9eaa6dd3211363b707f9f72c4ec802ed697797d8a544d725573ca2db12f2c2f6f1742ed4faaffa23c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c2f341d41ac79566557aae3c445abe9

    SHA1

    063d7c29145f99bc61e10ed6ea0d5affe2959718

    SHA256

    4a2272a457e665f1fc15ef09a822b51cde8a563252563d537038f53e26753837

    SHA512

    7384f348c9edc9db2c4e11e3c5458abddd8721628e8772ae49bb14a2ffd7f593c890ebca157f34479f7d680d435b4d43368564ed500478f42948990b450f68f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f49ac0307335682553d755779512002f

    SHA1

    a5c9269ce8122076b049326c0c59fa7a6fbef899

    SHA256

    bff7c056a4ca6cb0f76333d661639dde3bb3702fef583f6fae63c22bbe3821be

    SHA512

    f1c35a1b23fc017e5c07880e5be1bfb25af8247b0596c6e229816bb3a2bee7761331587a260512bed55a02b1237f13e4b8dbf29dee5747fe2de61dfc7986cceb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8079ba8fb591bed1c16585281ae98d01

    SHA1

    5bbffe2f56509a42fa9d5260000b59c4621e7886

    SHA256

    68fd48979c1ee94267523c9aa571c5b85e3a744d2c8cb24ff9b63babab474ec9

    SHA512

    21d5d1ea04a421cd586e993fd355af4db2c8a74196a209aca54056f360faec3db45aecfac583b3019d60e346932f178666a2011887f6ffea2701abb5aba046ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f684221d75ca1d4507e3b1181f39234

    SHA1

    38500029398663c164846b09682ca118eda86dc0

    SHA256

    6da2b4c2a93da3947b663e5d1cdba708c96880c306022820a521b78d8bf9191b

    SHA512

    abce78c0a41a7ee0acfe2ce90754d1a395ed02d7ba6e490b3b75fc91a5275a1a6981c14ddba7a2eda9f58d5cef30f0ce52be7b8721a79cc5ab179bbd66b98a6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a3b1e91aa32a8311994159d39207f95

    SHA1

    70d8c8dae2464415918260374e78dfb88039a7f9

    SHA256

    3e3e439dfaeaa088db2fbe6669096dd3d387798db83fb207d41540d55261fa1a

    SHA512

    e3a6129925e8f13bc16e70b9cf077328518bb038a348d61c316f38c8b1ee9846e296bdaf55fa05e67a6ae642fc02323396d0a239782bd7ef8175c809b66a0214

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7a6b7f0e23eb13e11a041b831f5ead0

    SHA1

    dd2b9e1f7569fce3d496dd60de6ccb2465908287

    SHA256

    eea56936661a8f4eaa659c2e584b578581cc025a344d6ce02da0e283341ebc26

    SHA512

    9cd56aada278c04753c4f004bec3145f0d2e617455855b63e271bb8472f8491b3215f6d7c5f6ddbf202940e102a41a3f6c642144ebe755da712e716c43a377d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87742cb59aa47a14eacc0f4d0fa0ea94

    SHA1

    1107cc0d1f170f0485dcce07ae619fae990d3dad

    SHA256

    1b4c48d8229c7cdc82491a40a37d6fde7a971f02103162b959133114b4380809

    SHA512

    4669626783fe8866ff62f53f7d029dccbce54b515bea5558a5a8d53e5f0c7d1eadd0d9b984bf9271ff339d658e2ad869642de697924e9c63be0a2fb9a0d2b676

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7982c2b3aeb23bf50ce79d92eb1d96ed

    SHA1

    b26a522eedefde086a2118e50bcb535fef8deb86

    SHA256

    97df2249b013b275a1693ea88dd8865c028ed414518596cf238ebc1f7b87801a

    SHA512

    549aa98d7231e15bd2e02f4a7698179b217b9fd890466f62b50430ec450ddf45e031a76c8d71d33559288067af81405d5d3c48f8f4cf5e77a5fd03da62e005e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d67c35f605f623743501be73c88de31e

    SHA1

    17afe57c5321cff877c2fa99f95ea53807ec3cd5

    SHA256

    f0aeda631b5bac236d81636d50508622947b4209c757fbd5ba5579649eb18b9f

    SHA512

    5d75aaf62dfa835a796644a7d98331b26e0214a1bdf64ff2bf73e3eef27632b8592d2336882b2fc5f8d7330fd4ea0fa66a25230111ba5bd710fcc38fa67975bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6059.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar605C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit