Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

CS2-Skinchanger.exe

windows7-x64

7

CS2-Skinchanger.exe

windows10-2004-x64

7

night-cheat.url

windows7-x64

6

night-cheat.url

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10/10/2023, 13:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    night-cheat.url

  • Size

    117B

  • MD5

    a2781ccbe8792bc98b7258ccc007090d

  • SHA1

    86a4d3751a2a9e1f79922c5e3784a6ad401ff51f

  • SHA256

    aaf4e0ca82bb3f28282be419d9c7e9272aa34e6f260f2b8a51491f93d4084808

  • SHA512

    7a171d46e5a202f9dfcac2e470143c91ad1543c924e45a05a39940684f0b7ff648eb20e0b2626bea300f842c688e7305838cf613b6ab19757d743cc3bef94772

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\night-cheat.url
    1⤵
    • Checks whether UAC is enabled
    PID:2952
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2848

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    33c95c046ff5732cce0da834a5d1ff26

    SHA1

    bd4de7f97d8f92c5c897dce16a58e94ee16c04e7

    SHA256

    b8238b0c0abaa315119af2140a233a7ee7b2f162a8902d26d6a99496d24a0f0a

    SHA512

    0f65615b70bd99657c0f427b718ab6a40c78e6aad3c7de9aed12c0769cb33bc830a6a81e802fe4affd0be31a39bcde67a98bac61befb2157e0709f73c1bd4090

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d510597dd216712c0d73e757e4ad666d

    SHA1

    01de42dcc87c14e3ea5f77c6efe6506e5754f7fa

    SHA256

    b56313bf6bef68198918f1f074a071d9406834c77313112adb8bc618ec9f2cfd

    SHA512

    42a3744b989c8469bcf612fbb67b54e5ea3194ef63898a99819b2e14d40a477721e8d377ca8fea9ab85a123b765f9c1f512cf6f04e7b421c59493fbc773c2e94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24e2623a2a38fd6d0bd21aacfd3af84f

    SHA1

    9d04d2332e7f88d11cdc33b402ee9e20489c6625

    SHA256

    a93354319ddbb6b87b61b9726183b305ae96867a1acf083af4fa02e19b61cb0a

    SHA512

    8d6fa71fa92954f1a704de6dfccb4570d99f9e96fcf8f4feab8cc7b6366b18bb0cbe263eef996989ca5e3d75bf24c629084bb21cc5c818ad15d1e20093ba5e57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    492b3dfa49a1083e3caaee42c7f68acb

    SHA1

    ccd28bdb6065c58d325e889c37331ee478deabee

    SHA256

    9fececbc135fd3390c9aa488852813f0899d5defcfdcc891441e40a201dc7191

    SHA512

    d800b1da08caddf96f6d8b7eb2f18dc02599fac66be31363afefd95077707780c3c21ce15246fa618bee854cd17603e678526c398f8801c9aa18007b3ccdce32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8eaf3552cd267502b155dede75a9496d

    SHA1

    92c18901bdaf208f33b85c80c3d6817ab5c7cc40

    SHA256

    ff832a270948562eb71f19b4f10a639ba1680a71b0d6b6bfdd0aebd64ce9209c

    SHA512

    960be2be62cb8ab19fcf4a32bc65cb3d1f80538df08daba563e13026aa943651314b61e3009d0027ec498e8a09a02873789d0753f677d0c77b4a0a685468c4bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74b2a2d24afe255a2364b7e8a07f39f6

    SHA1

    34a7dc39e9da63a43ef0166f4f5ffdfaec2ac886

    SHA256

    5d5e6ce114d5e9fa6c7a7ffa0992aa322e7c35d9e216c2fcdf9dea168d24ca42

    SHA512

    61d752c9d16c7d50e8afc113de7ae088f1736dedb20178fc1268dddee5ad2c6e0b39d2fe7c0be2d4dfcb04216b9b60f946ef6613a72762a774666d168ea10331

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8786ddd6649a4bf4fa1c36e619207e8

    SHA1

    c143c7730cd3137a75c1f310e826607f90da6f03

    SHA256

    2aa7d1808700edd379c284a563ebcda6acde8aba79f3523f7676fd65e09010d9

    SHA512

    778d9861de0824a9788723e3a2a7f8651645bafd52770fdb967517343258ffc0612d55b7807174d3951bc095d01b62b9219ea679e07e91edf28070d1b85721f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d948d1e038a19d3a6e906af5ae7fa65

    SHA1

    973da36bfa4a308255ee62ad5c012c283dd1ef80

    SHA256

    96acf2c45b4b3096120ec58ececcc4b869862d4b521382721a65a9c988317f4d

    SHA512

    c90b2e12c3f052c36172a7960c24328dcb2e1633b5ec95a5b06580b7e5f1dc0c3e0e2c7be2baf231af717035ee811544d724c4471903879d3ab1d67aa451cd1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88aa400b631f015c036b5bd52c796785

    SHA1

    ba488ffdba3fe4211a647fb8443746e25970a433

    SHA256

    d5ef0c1f3670ee35466fb561661850f94a34d7e1e0e1a84cbdc671649477b8fc

    SHA512

    ca722126a48c424bcacacb4b5a65b801f8f8c94964ca07581cd3795d8472295be3049fdf083934b0f5396c9dcd3713386cd53d4e6249155886c8b44a9dc8579f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    256f057fcedc90b1cdd38fd565e6339a

    SHA1

    548d490eeaf5ab3247ed7e547b8ce6ad6b4a8d0d

    SHA256

    a3de4ae34e4528096182955abdd9dc22f1e1cbf5f51726a211bc7cba49650f1d

    SHA512

    d23985bff11ff783e3b9589e987e641e588c1b866d335daa0df1809a6d9538a416fb6c4016950c20b6a970390abe5c374dcf5a29fd01d7a40a12ff755e7fc9eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ac04a93992f945fe7f34c877dfe23ef

    SHA1

    1aca876a7d0b4db32edb07326bf5e0b9ae461d6c

    SHA256

    8166b0f9b3b66a04f5851f8befb3f31f43fee49602a4600c7b0d8057c3f6e1b3

    SHA512

    a4daec709456e24723150e92e6a8dc804416eac54cb3944b834a1a5b65bfc5fdde6eb4d4346a6245c854c8f8e3b24b585ba9450cbd543dd5232d192fd7da1f22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01a232fdee188d856a9590796b60b603

    SHA1

    e43d139f8f97021cef1f1c4b6323c873d856b2fa

    SHA256

    dd44bcdc6982becf1c86f0dc44d36d977fda542166c0347da223b3677a5eb834

    SHA512

    74f2b09f193cf96d00fa42d5ff321268a5792ba9b090a1c0ae7cefca9a35f7dfc34a9d8854677181a2cae80bae31fec078e51d22d83ecf8cb07a777531c8c0da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e907a5787ec3c3bd9d205cc54d9c91c

    SHA1

    f6e04e1b0706b0407020e3d544809344e1dc3730

    SHA256

    1e40ffeec1f7e55e019e6618be86c0dd121318ee79209027f84b09c8499c3822

    SHA512

    61f50750106eaea8450774f30d0d92c7db66bee41cab52a62037091b1dfc321bb1ed9d0d544d69b2c2cb507751ca5c1c0668418bf645eaa05285c0f8418fd736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb02c0dd4a1a54b6d571a67991b31626

    SHA1

    f572acd54303ebbe4c94bfb2bf1cd39145dbcd50

    SHA256

    f3a933faf2bd291a7877f3a98ea5b4df10399028bf62005568ff3d0ec8ec0e44

    SHA512

    b6e613ee37ad26b3825640072c3a41e3241b87e34ddb93a4b378936a2dbbf8a5b84ee066109efdb40a59d40ad6cac3dc973693b6ee61d1a6833199211cb14b9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd0b140fb367d3bc9fdac73caec42e12

    SHA1

    9f91456e6ec9617c503cf15ba49a0f81b100d3e9

    SHA256

    799b2cf4f5abb46506e95df90d19e829d364e32c944445dacf42ced13bec5a20

    SHA512

    1a49b8da5c026d081d37e5473ba19eb8a110250e7ee33635d492bcd884a2767bfa1064717a2cf8f836e16d6be8880c4981973822c4c121989d5eda4411670ce8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    907dcc4e8c19235cb33a07d0d69705e1

    SHA1

    00794b366138de66dc1078b1346e81e7c5a05a9a

    SHA256

    8752bcc912233ebee4b52af5d5e802dc335e85ed8fec95a99d8e42651a9b8b58

    SHA512

    966f803f0429268651bd41b1cb99d7838dd6ad47d9518fb6a09cb1c37be8716dd5463140466a9407f349e91081b591c86c5d0c9af2d930638be41083c9273eaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d510597dd216712c0d73e757e4ad666d

    SHA1

    01de42dcc87c14e3ea5f77c6efe6506e5754f7fa

    SHA256

    b56313bf6bef68198918f1f074a071d9406834c77313112adb8bc618ec9f2cfd

    SHA512

    42a3744b989c8469bcf612fbb67b54e5ea3194ef63898a99819b2e14d40a477721e8d377ca8fea9ab85a123b765f9c1f512cf6f04e7b421c59493fbc773c2e94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53771527f104a771534a74aec9e49f5c

    SHA1

    eecd6b854ed73b905e225f063eefdb353b62a2dd

    SHA256

    75e167276571fef887d6ff2f7efdd5c9435ecf0e55ea1e7983311d2c558b637b

    SHA512

    57c543a44f6e8f23ad633e00cdd6452fdcd38f066c10d4723a6f7047b74e6bc84147eebe3fc5c602098e83a0ffea80624be82d7ddf467a486f57cf8eb1f6c58f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d9c5aee5e1bc7263ce70231c7d13450

    SHA1

    4db0194455df74d723e44abf49957d79e6790957

    SHA256

    2249492df3a6637cabc92109168146d85a78bbb2322caba60ff7b656c2883e3f

    SHA512

    10a715f648c1bc993bd0c1e30c6e727aeaae64ff61ca53c1cc92b82736c535beb8ec8a024a8cd353f81c375492288399e53d586afe9ab905112d9dd048adbcfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7110f272b172a11aacb8c1e1e5d303ef

    SHA1

    a3827e04b6f116fcd5f72f97ec1328715b279b07

    SHA256

    4d21fb5a3b65511522e931135924c3ae506cb812fa7b46a37509aaa1d3b2ee0d

    SHA512

    7c3ecb49e11b9ac248e254b03c3647a41900415085b41dee06390e8cdf3b6d8de5b3816734c5cc67adff3e61126e7797a18104b1fef65d36024a21f84cf14a22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28315140d73b40b1a36eb1519be20353

    SHA1

    f2d8d838287363de4b11fcc6a6cae2ef01d9dbd7

    SHA256

    0ce1ab47aeb487228617ac7b87d195834b5663a8ba8cb348ec54d933ce583e03

    SHA512

    fa3a2addae70269390401a2bd3a94d7df0ac7ebecd4fbe1e2f733f09adb11f36154b9e9c479b083775449bb4ac7a45f786c69f2527b1540ae13922bb28ffd72b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a6a4dc856f0bd6403922350a47b8417

    SHA1

    cd7f904e1de791852fe184c44a01525a0dc1c2e6

    SHA256

    442769196b0091ddaf5393549a56e0d684d05775de3709644601873dc0f3a2e8

    SHA512

    0274566bfa4f379337b150440e2dd1990440cb72e35f2bc5375ac6fa2008ab8e8f34b11def0b2df6011c9e7670214f446560a255548aedbf861d2060b99c802b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2004981b1894840c880c04e9aebeacc6

    SHA1

    ac38d6bbff93d9ed8751ab739eba82ec5c82806e

    SHA256

    3881d5f51efed04b5e98d56c5318ea0bcae3dd5ab6a33941ef55abe2e34e4493

    SHA512

    3adf5679b69307d78c12faa3c3c8be5575c4a8bbe09cb79837a899caf482f0048b6bee8798faab46d04cb269e113d67e304233c27e5bcdec2f87de2dd348f37b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    0f5170525c57fb1135c3f120b8edd6bf

    SHA1

    3c8e01146aa9e51adc03d286c38c5593a055464f

    SHA256

    979a3754e2a03b06a60ff01fee7ce91f2595e1e16004ceb7d933beb0cc3c7ea8

    SHA512

    7ccb2f475df7fa4d3f64a21691d548fc430aaec0738f657a53c1e9524e43703b19941ab11b3cf49b67549d0c0f2c8f15027082aad6b560f9e95114e0c6417cbb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\5h7y85m\imagestore.dat
    Filesize

    24KB

    MD5

    f3d384f2d64c2bdb2e9e580a75ff4020

    SHA1

    9ed5205886b27bd538c22c710b56d1425dad2ca4

    SHA256

    7d85fb736a5687661215f8c2c9c86a1427c3653d475580b34b75794cbbe72815

    SHA512

    ad93e944db0b9175efdfe102f5a371b9497876ff57df071369e5c65d4e117bc9445a0fe75dfc292dcc52aa2d3fc80ca0c0de233ff34ccb9f49fa338daba76115

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C4I18IP7\ec2c34cadd4b5f4594415127380a85e6[1].ico
    Filesize

    23KB

    MD5

    ec2c34cadd4b5f4594415127380a85e6

    SHA1

    e7e129270da0153510ef04a148d08702b980b679

    SHA256

    128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7

    SHA512

    c1997779ff5d0f74a7fbb359606dab83439c143fbdb52025495bdc3a7cb87188085eaf12cc434cbf63b3f8da5417c8a03f2e64f751c0a63508e4412ea4e7425c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4B14.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4C34.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • memory/2952-0-0x00000000003C0000-0x00000000003D0000-memory.dmp

    Filesize

    64KB

    Download