Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

view.html

windows7-x64

6

view.html

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 11:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    view.html

  • Size

    79KB

  • MD5

    5f086529e14b1de38d847ea8b7965e06

  • SHA1

    46bf53d9406ae7f86ba8e3bf8baabb2333e76008

  • SHA256

    f6410a8e81a15717577b1e94bc45c2609dd832e50191ba9d66fdf2694015c295

  • SHA512

    415326e9fcb7f576967ae7f22364f799fe87f11d9f094d08639dd7ac9675ea63f10ecc2e3021c8332939d0245cc5e01e234df0677a72d2e0595cc503acd23306

  • SSDEEP

    1536:k8yuchEjlJi2qDSjr8mUNBMKEb/ZwC1cjW9+1Zqh:k+cWHtnUI1llh

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\view.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1212

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    4a049cc31c27efb3a719562a7b26ea01

    SHA1

    c199500206c0ca4e46b094eda55533e18e639371

    SHA256

    ccea1e61b1d0081e28dc9ef42e136795b552975832a7f25089d6bb11aa06c2a3

    SHA512

    9f9fc8a1b8835cc11f50b9d6343485deb4b1f26ea72b35a6883aa8470f520f5cf9c37c2bd332f753ff47b2806fdf81499bc275ddd6a97d11e7e98e303eff6042

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f9ea9b3a0303598b5f7aa2d64b60ed9

    SHA1

    663e469115c091491508bd3d913cd97ca2deb551

    SHA256

    813ead70ad38ba373ffee21c4044c94ada39c6007a6acf85d050a1104ca104be

    SHA512

    52008b49313754da94ae730f4587056364b5acad25cb90dd61e4918d0b60555961fbc72975028966d26c0bec32d94d775b45707385f5e5a98371ac20997c3d00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e64b03454d2636a888915165f95395b1

    SHA1

    c04273856efb9d33126dc23159778662d11ae166

    SHA256

    0ed5fadcc1829bbd9be0956801944f3c0e3c0d56a5972e521a0920a0e254f957

    SHA512

    632f00131063c5664fb728f8e48938cb5ee195738624a135d9b20526425a26ea3a6ac4c9c8fbbbf2e54d25cdb11be7533bfd68cec50fbce26323a91ae5512ffb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ca57ca3d83f5c07fbc4e8466a54c349

    SHA1

    cfa40d2bc4828e84a4dda6faad1c02e9a31d94af

    SHA256

    b84f55b1290c8500ddd7e10e47976122657519c9972d7b2138ebf233ed591355

    SHA512

    3e524c56410c2400c2ca620a456e4f2666a24ddddff3313ff0ce6d5a92212ae867237c6a0f75109e6f80420202f8d75466f4812aebd0d0c9b165f32df8e907b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4cdc5276f100c3d8dd0bee12bafd7c4a

    SHA1

    25d2d6c18673f5ce81e906ecff92f9a16dab817b

    SHA256

    4d388660c1db799a7192272f3e0709a6a992a11fabaac62a404cb38fd050a0d1

    SHA512

    bd91d3c841bc2741e227737a98ad680e1d3240d01f8bcd050c3354e2b7a5334c85f7cc697fcec745a001c6f08ff5dfc9bce271d408d938b168f1abd1d10c6ba6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a3b5a88af44cf01e89955be0f0006e5

    SHA1

    2a3813a7b438e18d801a2bc0afe2e3db0bac2a4b

    SHA256

    ea1e8320c97d41d3ef809851fa6f041447dee02203fd88959cf28571f138e30a

    SHA512

    25787ba9a8f12399be00cf52270a8dddc0b26e8dda0ef342dcff312a1caf7cca415c8477dd5c7278d6f75a2f2c1a7b8420a2436c34c36120e5222ee1f344ece8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3de9af6e031f70b2c5b686c0942b609

    SHA1

    8188508a768bbd0b8053b96a4e9df38963dd83dd

    SHA256

    1a2c77d99949c6435448376cb7e72ebebb7fe91e5e428e1b826164c48e7b3fcd

    SHA512

    112983dcce65f497e9aef83d7a721b856cecb0591c565be859a1f507186967d6a3ffe9c085122a5ccfc43755fb7e1faf541591f1a76049e9fd82dca47a0a34b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c987497b22fc9bd622c018a9b5f1dfc1

    SHA1

    e34be2f290bd77128baea6f164fa48cc23c1fd30

    SHA256

    ebaf24165fba3a46f45a9ae6e94da0ba2d2b1f17c772f224e76626ca1930c709

    SHA512

    cfb0dc0d2996a1daef0b68c1c14dd884ca4f410b9b548dd5baa025694a5657654426704a09eeb130be6085f4f0ba4dbea16b8471736a8b0ee5ed997da15e5177

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50d04e127dfb40b2b0c1d8d03b6097b1

    SHA1

    02ced79864967282298cb3c3f269846a4844013c

    SHA256

    92dcf3f0a6679b836a2facf150c1b6d3675faba8082239956bab1e29b478e687

    SHA512

    5a464217581af67ab9c776db1b1eb8224be07395560f0d3e090693462f8afab608df392942db0cc6b2a008d4a643d0d9ba44348a7fb295f6175ca76c8dda40a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82e172a91ae55d5e5eff0bf16fd931e3

    SHA1

    7baa85edc3eb5af512eb39fbc8c3741073318f25

    SHA256

    ff8558ccf36f3fce5d702fddcf1ea8d90cdd9b3fd820099aa7b552dba62c9216

    SHA512

    ddf2cc436a22bc5beddd57d0e120654d4aba10aed39261de9b571ac13968395feba20428942a68dddd3d910429ad8fccca1374e7e38f61773bdca3c74a84da2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    29575ac2fcb05b655b4af0d4639cc2be

    SHA1

    28632837f184caabed07ccfec474162afcefaa48

    SHA256

    4a9ae887463f228db170acb614397bb8d36598d69594c7ff3d2e677e4014acfc

    SHA512

    197bc78f743a90aca3468ef87c82a1cdebe470e4b45d44c1fc0673eb67c1d158dd89d4dbae8a2835ce94dd46737d04806eaf03c694f012a2289e4556e9cbb74b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UYVU6FI\cb=gapi[2].js
    Filesize

    77KB

    MD5

    f8641435b075d5b0a4e0e9efda7ed078

    SHA1

    f59a288c49b88045dbea3981904533b291fb04c4

    SHA256

    bb2275ed1c4a0d331755bc21d559e1fd796f3a7c0909887e187b12d5e0bade24

    SHA512

    8c595f19ad88e0ce76e881ef4973ef894da50e340ff600ecf3344fe5f81c3a2910d7dac27fdd47b1caaed1a24895babd0bef7c7894cd9af69b3c54b226e4cf7b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC581.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBEA.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit