Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Change My ...on.exe

windows7-x64

1

Change My ...on.exe

windows10-2004-x64

1

Change My ...st.dll

windows7-x64

1

Change My ...st.dll

windows10-2004-x64

1

Change My ...me.htm

windows7-x64

1

Change My ...me.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10/10/2023, 11:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Change My Software 7 Edition/readme.htm

  • Size

    172B

  • MD5

    2b0b42672fca9c4534a1c339324aae3c

  • SHA1

    f1c2d7a5da6b648d2cdd8ffba26a375e7c3e0b1a

  • SHA256

    051f8c5d932e92f62f1f6663a2bd87b3579a885c9172cf424f0d5499d50fe574

  • SHA512

    55f175436d8ecc0706211036806507e669cbac24d2bff64de24f3747df0847939f5c0271c50b1be87eeceea3e0d04b4146679c3ad3da911e8e98b6c2c4474dc4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Change My Software 7 Edition\readme.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81f020dc1fa4dd626195f1e0c095e3e0

    SHA1

    bbb25ad43f73f93959807b44e09e5d8e40e94f25

    SHA256

    19e9a3ca06fd125cec8e690a8a659198401b6f6f5ae87669a167f4355e3a679e

    SHA512

    eeb75b5e00e1e7c13bcf5e129b0e0172c620c3235b3f61da8e07d3e29a24384f6b005891795fc315e1533d4744681b7fb23c4158cdf8fbe855683fd2aa00ed2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e57a3616fbcfe1a6eecaf6678675a3d5

    SHA1

    8d302f555fbea31fe85d9b8b43cba9d6145a5cc3

    SHA256

    6454a11d889c1ad3d01e7ec52936d5ed85885b0ceb25dc24afe3c5acc4b74be1

    SHA512

    fe44c168838ba12ea966acdee0778be1467b5c7cb84a384c585e0d498cdff57e2dc45b0be4f3b514f9f8e0db008353226ae29cc92e0df183df976e6ccec3baa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19ae2fd1301667ae117f51a433abb6b1

    SHA1

    e316ecb161217b6a3ec5cc4ee85530ee7c814de4

    SHA256

    814d95fa5e24699a2726de5ead2d5f2d4aa8e553964fb33f26e01b6294b5c61b

    SHA512

    03dc04bd33508a61c39f42548615d06df576e4cb76522aee250532119a8593265cdd0006eb37cb5c50dba14e2e3f682d8a72b8881787a1adfd5e4d0478ec5c21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4f1052683ef9d8deb71d495d859f407

    SHA1

    7056211e9e6d3b388c8b6ea66b8abc93c9433713

    SHA256

    184e6b7e60f9d799b9647ba835ae0b3128027b7748a61a3e256c14bb5ef4f082

    SHA512

    cdfe3894610afa44f7cd7e34c83951ad10959c439dd3d998726e2a4d0e6a1231910f3f02d7fb4c05644312dc90255e0fb275c139a453799d784747168445d232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49f499f264fae17fbb37be37eb1dd928

    SHA1

    df07f655d1e4cb1c8155e9e260da3d690d239f95

    SHA256

    991ef6c3101ca80aa945b571341d4c2a9e82af248bea4565621e1ac3c4735b6d

    SHA512

    ba60cc79b1ef7853d4c7b47390046da66960f3488a5879e5f1fe1d418b3de5c5aab1318e7fb70ffbdf05cdec2bb8583e61fc1a5c6a59ed250f96a0771ecc1cbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cba918f27510daadc448837758322c50

    SHA1

    e528b961f2956bfbac2b11e46ff409da25d48718

    SHA256

    a0591546b8174c6603d6e8e38178aa77c4b53a8ea8ac0c56c574b641a04470c3

    SHA512

    4b55b0061603fd96cefcd650a29916c3e13210e5f0ea06b324c6dd5289ade5584528ff48785e20b9ab842411f02cbe464b1059cdfcdea42f7ab63acc57f07fab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ef7ab19af9d22339362e76c3a3edcb0

    SHA1

    9f0f0266ccf3b21363f8d778d79503836a86d134

    SHA256

    520a485f21a9def5a427e5dfd7acb4239f56c5afdd6b8da99c90213402a00c41

    SHA512

    e6d18ab3f0b6997b8e4cb32de8bc4b85a801de084203ee8f73e5fe49f1e343e16d05dc6a9f00a57b4f10feb6eab087f1f700fae366bfc549ddadfdb9b9fd5063

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27ca5b130c115f51d7d6e0d38f85c656

    SHA1

    b16183b2d715468284ce2103033330f75db8c23e

    SHA256

    26b0a228270e4206708a88a9f1f197c91e2320557c4437c0b87c5d51b4c24f87

    SHA512

    50e47bf111e8f903ff421e4641ba2387184fdcaa7cb8651b20a8d64b610db2ff441e484c8a70666963b557e189ba53c79e52f4cdfccde3e8cb3d34b98a0f6207

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3a9ade8d32678d34592e441e83bdba4

    SHA1

    c518baa66f792492988ab81b34470be593a3dc6b

    SHA256

    a6586ffd1d41da36f785b29c130b7839bca0585a7a50ffa3bc59df0f85d40ae7

    SHA512

    0c57d3226d18918a861df0711805067a6c5406e03048bc500521a8fa96cef2a297b49af5284611a5c32f57c49d6f1180502b4d3380f4267fa460983b177bb749

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    668a307b6092d14233974f443651bd25

    SHA1

    e388d1026897e76892ca0345e80d414fef8d8056

    SHA256

    2c0b9b74968d1d84beae03e629df19766198c11dc024506943c5c4527a361b97

    SHA512

    bdf12ac305ed1ff8efae0322f81b581dae4fe4885c789a94643c984c394f20a10fcda22f0582947bac66457e9c93085d9c3c00c7040e6442f0b9bd6ba24ed1a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f54d6988e3a3dab414f24ce56e04b381

    SHA1

    9db5f1d11f799d9ad60994f6cd9ba682274d70c6

    SHA256

    3a46d5a75d7c1e782a0880cb2f0777e7faec32cf402b126ff6907410362068eb

    SHA512

    eabc20182d4d14a616b15027e3ffa10c8c58b86ae3833597c9586d9c88c7a8c98e12cd3996b311d44d118cc7a952edaa3aabf00ae02650def78df77ab2b2b74e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af185b6df9a9d0299b33a31ecd6b99f0

    SHA1

    2592076909c463b42788f8a5af7f642422508aec

    SHA256

    99b27fbb706e36218693a457e4f16eed5d582427c8d3e22ee44798f548b3a771

    SHA512

    807721afa764f2877fe64b186e5d1df0ec251b344aff3349bfd68f95613e1bd0cc90382b67a7aef49c32e4fa5a8e068c7fca25eadbc3b092b02fe59e9e5aa41d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97c1c1ba4b3ba1cebfae20de1b98d414

    SHA1

    0a93cc4538857d2d94ca34fd88c19a9f04291212

    SHA256

    83ad8eb28f2d876f6cd95a2f6b612682befbfe05a927b076a4ac9f9fedcdb7eb

    SHA512

    f7f8f801425666d9ff331dba93fd3c05cc768a2dd37ce1db1010f94a59df4a9962ca3e6518a3fc94ff73b5d0458710a7aa5f5f056250d22889db53649736940f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0114da0bfb31079a42797f5a7c079d11

    SHA1

    fe9c3e8c45d413ce14bd33288d2be97f498afa35

    SHA256

    45b0cb31a9e5fe1970edb6c04ef9c62c00db5ecdd54d3fb5bed0d56f641a19c9

    SHA512

    dd919683c5883d2d9a59fd2ab451d58e1c90b687fed8c8f03d811ccba55a946f1af87039f132e5bda8b6317329b8cf281b3f8a8e9ff74cf95d1ade81fdfb6515

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20435c9864a73992d612600509341fd2

    SHA1

    ed376872956e243e9fcee7e251ea7b49ca2d7c48

    SHA256

    a9911755d98ddad3ada1c6b8a66de7245683c0da8fb1ee1adcad250430436d15

    SHA512

    21f4d0c57cc6634a8de4bc75ee81c6139950c64b62e222445bd88cbd3bbe262e112223dbc7cf6988768886439f158690cf0c326d950d69cca822eccb0cfdc42a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7900fefa1ec90a6aef7b9a8a9c584803

    SHA1

    607911938015834539020f0438dae62dbb3d26fb

    SHA256

    2a1dede03239feb904ca979341eb7b9bd3d4f7dda875a6f41e6424045bdc3fbe

    SHA512

    dc88c97a9b05b18e06c74d3def33033870d15989112831808faf27d13a1bcc84b65c78a2392d9279e727598ca440a6ce30198a096380dc142a4c227c5aa76f22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdcc62b7b4133d39bae3e568633fd13c

    SHA1

    10995d0855a269801696f559b7367a8a483ba34c

    SHA256

    c61e10005a65127ea5fc9e99a90703188d0c21259a0f732e135275c68c51705c

    SHA512

    39d50a4e46e97083632a4db7cec50f4a32fb0d1f1566de84fb32f8cab5ed08ac1e6efcc1af453e71db82cb1ab550ff76f62f99fdf0c45ddfeae1dd14d7664733

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab96ca0834b8418fc43a5e58fa24ec2d

    SHA1

    701f19d30809f49fe78722c09e73f2d8f87af441

    SHA256

    3c8499da0bad4efdcbe3b08a6e8c825f5899ea0b40a86262417b2934283f8c4e

    SHA512

    ef5eb3760b85aa21b779ca0ab4774f488f9ff8f6227db0b0b98dba283f3aa778eb793b8cc109f9dac9971e9e359ea81d50f79a1bb4ef46a0c442c67c739f4e8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f090ffd4629f9a92785167b110090b6

    SHA1

    e4d7b980f11bdc9a857c68709f82060864b83666

    SHA256

    cccb0a6f55135562b27c12625bc57df8fd0e25530ea34bbfe26ef3747f6aee63

    SHA512

    384e87f7475e06f018db89c7de93c441e81d05825e42b980463e2b321d848a14f3f6f6a8d8b1a6717820c0f2cbb26d554cdf9982fb29a2737cd5178e5dca1a8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    196d4c55131e84d9341bfb26587daa37

    SHA1

    2004c985d7e56c6c3351a1aef502dc743055aacd

    SHA256

    e71364de3bce27d92661cf42db0584476802fb1fc75bf99e4d4894c0e8813824

    SHA512

    8fe6220244a02d32c1be9cc6456b2c0ea5e2e2c672454c38eb0e21b3ec44bfbdf9f5a995501f82c1dd04f4e9d57809a14e0452cf93862eda8a57aa6066fd5921

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a7e9f0f576252f1df0b6e400be19812

    SHA1

    b6d48d97591d90d23718843e718bf2994d6d0be1

    SHA256

    cdde5601ae6b7117caa4588c9df66d732b2f66c4bab77f6e12a14d32784d7031

    SHA512

    873043160130d1cdf9d3b354808f6bfae5ca26e7d0fdd332c8971b9c11145e07fd726a26dd359a9e5f96cff58e04f5cf486fd46ac5f8a899919b333e1a6f3f54

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab63D5.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6483.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit