Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

277e4e17c5...03.apk

android-9-x86

7

277e4e17c5...03.apk

android-11-x64

7

RainbowBridge.js

windows7-x64

1

RainbowBridge.js

windows10-2004-x64

1

ace.js

windows7-x64

1

ace.js

windows10-2004-x64

1

app_config.js

windows7-x64

1

app_config.js

windows10-2004-x64

1

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

bridge.js

windows7-x64

1

bridge.js

windows10-2004-x64

1

c_cpp.js

windows7-x64

1

c_cpp.js

windows10-2004-x64

1

csharp.js

windows7-x64

1

csharp.js

windows10-2004-x64

1

css.js

windows7-x64

1

css.js

windows10-2004-x64

1

dom.js

windows7-x64

1

dom.js

windows10-2004-x64

1

editor.html

windows7-x64

1

editor.html

windows10-2004-x64

1

editor.js

windows7-x64

1

editor.js

windows10-2004-x64

1

es5-shim.js

windows7-x64

1

es5-shim.js

windows10-2004-x64

1

es_privacy...t.html

windows7-x64

1

es_privacy...t.html

windows10-2004-x64

1

es_privacy...n.html

windows7-x64

1

es_privacy...n.html

windows10-2004-x64

1

es_privacy...h.html

windows7-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    185s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07/10/2023, 23:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    es_privacy_content_zh.html

  • Size

    188KB

  • MD5

    efb4fbd2e7f6b4bb107434717a008845

  • SHA1

    dbdf4fc555e71ba0e56a77f4d027a51add378593

  • SHA256

    1f8b71c4b11d91d6d6eadfdeb0e7ec87af78559d99a61cec085c254f49d81e43

  • SHA512

    01c86abc1c40da2eede352bac2bbc086650e4c96042b074f82f5c8a510277d07704f026a4acffe29d0940420587721e73ea58bfc850ea8d520b6ac23756f9ee8

  • SSDEEP

    1536:xn1VpKkXthVT1bGMEi5PegXRJXu2FtMjhdZJR1ORonIQ4IREbfwtjghd7cxvZaEf:BU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\es_privacy_content_zh.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1728 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2896

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f843f1ac31ab2253a614a79dc7a9829

    SHA1

    3e0b80dfbf4626564be6db4dca2a49ab6b056d70

    SHA256

    44a9c8413aff37a584b0fca5b07dc1e791e45fdb5cb38c66d199368522173623

    SHA512

    fd4230cff1530e3679709f56033464e11b2e231a56efd1fe1a1e5a100fbda34119fa9236d8ae7c19ee1ce12ce435c1e51646f93c917edb50a45d02c1ac99f68c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    129548c63aa90f567bdcdba73551d738

    SHA1

    c15e8464a1878e57cd099648e7a3d635b9eb763c

    SHA256

    99f43c382f8daf51e88a1df857d607b73d9e9b05fe2440c3abb41cde218ff188

    SHA512

    204d854bd8583c3591d424ea3dbbd568d25b3d768d4e3cea3a269521aef857f4564ea8730ce66b57791736ccbf1d63ab3ce2c86bd92e8a950882084ae066af75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2f278908a09ac9faf8df0facae60104

    SHA1

    995c08784267abffc5a13bb59151d10ee9ba4914

    SHA256

    e12ca76f46c0ca537568a4e10ef5d475d9c08d3914801a5e0b6d4a421f492f13

    SHA512

    ebe74c975f61320cc8f71bc877b0f3ccfc333fcb10905e3adfc728cf3249a9bf2633111f669e4d18a050f852a92f81e10dd82fa9693c0376a722d184ef7d267c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ce4d5d2f7afcf37c6d5317c81f16176

    SHA1

    a5f250a3179c71ab286a4ffc5c57cbf3b2e8f617

    SHA256

    1f3b0d8b5d6999a6e998591aa998499d9b72ac75b6ef9a923cac334ebac52a2d

    SHA512

    0db901e81b6252cfeedec5c5561f836f0d7326a5d6f55666724ccf15ff0ea708965880180dd7cc1672645c53f32ebe0059890a3f55eb3e734c68eb9136a857b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74baac882d0fbcbdb0a1c476b9134ab8

    SHA1

    199ad5ec70f276b6ea3a6b2b433c3da20321185a

    SHA256

    ba85dae0ab0fec2c757599f22b5b1d91691f8ae452317ac2624d3b450efd45cb

    SHA512

    33d196968fa94db45b389e3140c47960119502ce0de3914373a034e0c2d50e49d20d562c1a59748d757ee297fe23f2e594a7233c2e16a0414d85cf6765e62b70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88c616379fdcc0d92267b4817e0bbdfe

    SHA1

    24a110fb4170e8e6a059515c08ebc6ed6e0b3d25

    SHA256

    d74bf134c7d563bb2b04e5fdc712324b643e729a4e95e1bb1c94abd6541844c4

    SHA512

    b32a6f21a0e71c06bdc3599188780520bf5eceeb21934757caae588f87814e5709bc65d1d7e5e70ad8a563a018f34ea65ef4a450f44a097c724a23599b01cc63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3305f015c6805fa72a0f3dd7de61f37f

    SHA1

    21499f9385431700789ebc68f80805765f59fc36

    SHA256

    df59fe5f330578b9d7245427bd6e167cc95361d12d170aa9880f959c40496c33

    SHA512

    0e1abf84c47fa7022ad69ecda9284fd0cd1bd8476d0017ce7f008c9a64f27858c7f09a5f9c07fed17d34c6c5bdbf04c74c91c14263f5832f1255f1525e851c1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21f627895f32a311e19bbd9cc55c3196

    SHA1

    8e9d039c977fccb3c8d02289a45dc1c918c5c078

    SHA256

    bec9543f9676de5032dc12fb4d82ef35507dd8b938bd9b380972aba957e262c9

    SHA512

    6a02a327152e2912dd8941535bac3f1e3fd1d5328ab619d39b3488dcab0bf28df59524c436aa8f0de03adaf15ed23c73cf6821d6a95711f1b8f40e68250a626b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5618831b638deacf4ae9f356c42a7509

    SHA1

    983e7f7fe8b7e6b52cbec274112a1b08cda27834

    SHA256

    9c672d0dadb4e5313ecc9cffc2c68c507c661226a356ba104be616209e04a3a4

    SHA512

    3c6c4cb2d4c4aa3543f647f363f68aed20d8418be22a5b51b6e97b37a0ce42dfe449f354f92dff098af9f36ce0b1d23e4bad821ce695edcae6e8df745ae55ca9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3527.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar46E6.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit