Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

SecuriteIn...01.exe

windows7-x64

5

SecuriteIn...01.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    117s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win32.CrypterX-gen.501.exe

  • Size

    400KB

  • MD5

    fcbbe720928e4b5f3a30f9b407fa6874

  • SHA1

    2ffd5a3a8feb1d28c6e527646cd91e8dd97e9f75

  • SHA256

    0045fed5ccd3160d994bcf092af98d0e24e26fe1a05ab3a126881e032d1f938f

  • SHA512

    e59d0e68965c1757c3ef4ea7ee94f15a68e4225d2d0264f9a665819798ba5b1decd9ce8734d509dc6fe5fe1098a076cd6f7d7dbd531c51572c18a9b40c8e15b9

  • SSDEEP

    6144:SDAqFtOMBJN41P8LLH3p7n+K7Om2cNm7V3Fnm9HaOspiE:S1FtdBJW10HXpTZ7Omzm7Vm6OspX

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 29 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.CrypterX-gen.501.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.CrypterX-gen.501.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe"
      2⤵
        PID:2652
      • C:\Windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe
        "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe"
        2⤵
          PID:2668
        • C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
          "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe"
          2⤵
            PID:2672
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"
            2⤵
            • Suspicious use of WriteProcessMemory
            PID:2688
            • C:\Program Files\Internet Explorer\iexplore.exe
              "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=mscorsvw.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
              3⤵
              • Modifies Internet Explorer settings
              • Suspicious use of FindShellTrayWindow
              • Suspicious use of SetWindowsHookEx
              • Suspicious use of WriteProcessMemory
              PID:2620
              • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2620 CREDAT:275457 /prefetch:2
                4⤵
                • Modifies Internet Explorer settings
                • Suspicious use of SetWindowsHookEx
                PID:2460

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3bcb00e586729cec50c80800f9c67058

          SHA1

          4df480215333623b61b0a12e3940399f9291bdc1

          SHA256

          ba42a39a444abafb7ee850b88b49f57e623fa658436dae143e311b172327bc92

          SHA512

          576a2595c12090a6c47c3e3e12d737ed6eccc8b04786ac432cf2a699621e3904aac27f3251f5be4ba0a1707137ccaffff124fd298bc5d9bcc45ece187e51b97c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e7a2267fb88e724f9260ccf12024ec9e

          SHA1

          2fd99e7a09eff167cb5b6ad793feffe1c86f04a5

          SHA256

          a8a64ceb19835978e6958ea6883bdde7adb4751f5a74e969407ba426cb2809b3

          SHA512

          3973c3f1258e580d3237ab5df1b692048d4a35d59dc4f98407887c75f2f08a8421835501c625b988ff69738ffab020e2e81ae38216dfef054e2b5d743f230137

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4412c911a5c40a85e150712e53ffb0bb

          SHA1

          41802d3440abfd2fea8b3fc40e5d361d3e455d29

          SHA256

          4ec486046115e0cf26cf8083e1f5acfb1bd76e7d8eb32b37150735cc8700b4f9

          SHA512

          4c03dbb0e22230649d40669211e4d090bca38b6103c82b3f3462b7e30d97af92d8bcde72dcf5fba3325754506ce06b6a81505d37a39fddfb2e0126d7528d295b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          435f811c4dc94e0d045a8972f0fc8db4

          SHA1

          0c06266207169cf21195625c5978a441cfb3f0e8

          SHA256

          177eb180de304c1c6f919e6c66fc886661ef240f25e79aba155637787ce0d5de

          SHA512

          37b74d5b221bd6d6dc86c8b94725429f4c8bddea6f7cd6f5ef35ecf7333512c5e039197b418f086cd559fb04679e7d0868cc437d63f0da4a69514a4d70afe338

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          435f811c4dc94e0d045a8972f0fc8db4

          SHA1

          0c06266207169cf21195625c5978a441cfb3f0e8

          SHA256

          177eb180de304c1c6f919e6c66fc886661ef240f25e79aba155637787ce0d5de

          SHA512

          37b74d5b221bd6d6dc86c8b94725429f4c8bddea6f7cd6f5ef35ecf7333512c5e039197b418f086cd559fb04679e7d0868cc437d63f0da4a69514a4d70afe338

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8afcc2d6affcc2c1c4e36b721f642096

          SHA1

          d1f73859bf5118e9e1fb9c1ee123e313548b6188

          SHA256

          ce345c282d95f7518bb5dab33c0cb4c4f8cbacb2c0ee2ed8b855130e09fbcbb0

          SHA512

          5b93f2c4df252c0c85b06d64eb8a13156361fe4e694c7453b031d9e7bb8d735bbb1d4a80ccf4d935df9de6e37bb3a548cd4bfc235d93256f71e96d88bdbf09c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e33ec25c9a99dc4b6d0ce5f6179a057

          SHA1

          41c2bf0be04a378661734f324891509f810b9d50

          SHA256

          99573fce6f6b8a6431171f81caaaafbd38a3d5f6a632d64d21419ddad1073cd5

          SHA512

          f73207e858e11e64758b4e6dceb37c9263d6fdb4490a87642b21087a74f00fe46f03956ba258cf1f282d6b57c4b09ad7cd2ec1c53c9fb74588e48c84912e8188

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c2d68f8f79bc220d8f99d7415a035701

          SHA1

          21ffb27bcb4f54de6ac21c9dd470e7f220e02328

          SHA256

          c3096269579561705daae02da61681b8bb42a7289cdca814667ccf862cc0f7a4

          SHA512

          1a861b935074ccebafda05139298a74f4fcfd8a7d3cd8d030203de8fc238eb64ff6b29987e35f57577e3c0a3c95885d2faa5b8ee11685ef134bb204c5dcb3e51

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fb331568c78937900bae97123aa3c9f6

          SHA1

          b71e5ab40701070fdfc6cea20325a00e8793302c

          SHA256

          4948f8393aae9b3af341c9dba47be6445e36c3f3c5bfeff2ffe19cf7f4f753c1

          SHA512

          1f2b0bddb24e12eaecff9a8d130f52da8e97c66b3a120522d709a03f76239f95624734487fa6a817493b9afb4c5ca9ebff1dc809fb5abd02f267afe0f2dcc6de

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          92de59fb117af098c27d62525d31dfd4

          SHA1

          3d4a56bb677f3c74d8c30ec90440575823088239

          SHA256

          496a85d9f7891fa091e397fd26cc12ab66f49f5a5c5bda93102ddbc887f21636

          SHA512

          68aa081f9a132a1d121d49279f723de43118641bea49cdec4b220e65d005fdd432ce1dbb3892de2cf7a7e3a1302d7f9153dcec299ba266c79d85a47f07c62266

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3728317f47436e8dc6ce9bc1555cd339

          SHA1

          6cd309ed2fbb641e3c1be3679ff989e850f4b53b

          SHA256

          21ee766e8f7258519e582f865166820d9ab606b5e608ecda4cf961657661fdcf

          SHA512

          a0550540f813243088c41aeef355e3fda7c3318ced2ecd1c4f0b4a4a97468783fd41930b747a4ed228197b442aa9aad222ded3a4ca616fcd2c39e66993374009

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d06562d5a4f0eee334fc6a6d51c6f1a8

          SHA1

          11660f172597d1c7a6b91fb55b5687b776325a83

          SHA256

          8fca237f232a42a4585a2fa09f0ed7cef8b60020f2527f17d0ab9a23d21d8eb8

          SHA512

          4811233fc9e02715255816880e7126a449139727a917f75e9af052f0b551dd016f41627ea8114b336e04dd6f4cbb8376a0dfe39c7e3850e8fb4892c22a3e0972

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9528f2df32a5599d1a8e664812bbcfad

          SHA1

          9d2457268edbcaec5e7c389c3dc29da1de162e1c

          SHA256

          d125e592c3757b9c84ff24e60b1400cbd6102211198bf25745e52e796a4d62a7

          SHA512

          b294cbcfa79387f8cadd5f508280585662c2d1cee809d791965568d72d5ab7fd221290855b4292ca1f84a6e833f5ae0c9372a5a5acd1ac462ef8097f302d6ade

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e063507fddc8e19deb9808f03a7a854e

          SHA1

          fd11f025255ea1d72a4b90adbd268b63bdaa4a34

          SHA256

          fa8181fabac73a51c7d63d920d3d0e2a14858e032aac92db746879e3c8a3a052

          SHA512

          da6c08863fabe2a95dea528746ffbe94036464d1ee122ac3e9f942070483a0182687885cc4d8faa517688b1420bdd9f7f1741d7d68d83670b05c2c0e0d2859dd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cea5f3d9d769baf0b254809a9659e938

          SHA1

          1b3564fd1e251f96875fd1b739a19082163ef8bc

          SHA256

          606ab66742a04a09ab5b40d1e50468c7d6c53f9484b7fedfe47b28a9019e2ac3

          SHA512

          24e6ed865c8b815a10f2346d08e92950d449523c3f4d3c40fa4e951a2054eefa3d2a94ade95e2007ee87242b4be7caa075aaba603d6cde36a315717c13f7feca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5cfaf94c6bda6b012f4c80a57211d10b

          SHA1

          e1622c120187713ec6b63087a1310e8033a67128

          SHA256

          e4c03db15c9b4c1483d79dd878a1ba394e46ab6da46645fce739be5fa2675fab

          SHA512

          03a3b3f54ca0a27c762d28e5c9195b259e0d9f41bc875072ccd442178a0399e253174c493a73f7099884d6765b929f1b248a2e29d2c61ac1c3734a3f262961d7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          66d9508e6514a80cc53af0610d7fbf48

          SHA1

          d270b4085c94ae94eb348362d1e410cb1f98dc14

          SHA256

          1d66bb9f8b141ee8445f5bcf02bcf9ce011fbc9c3c552103e1cbe3603ddf462b

          SHA512

          70fb1a544f618767e59b971e9b58bb45ff0fa19fc7f34ce8a82e5899d1a3c2291ed6c32774dfbf07946e03cf9962d2511c7b458407ca9787116ac6d7cf078abf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          196099252aace9344c97573099dc1f71

          SHA1

          dc72f09fc780af1618394d36cf50066252b0ceb4

          SHA256

          d422bccb6fdb80d467e8a9c856fb45ba60289b9bdee210f11aa31200e386d810

          SHA512

          e19aa6a0f2a33d35f4963a5f74714ff76c79f481e82becbb90ef1c49bf67af175157c90250518f239ca7ce14af42df2c8e26e3a04df997994a88ba903f162a95

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d87301ddad62b5fe0b42572d681b4857

          SHA1

          2134f30bfe239ea376f01c125fe565c0b20370f9

          SHA256

          f0cea30f63fa7d4568d62f481d0023b24223cadc70c794005cc0f269ef8f8465

          SHA512

          adae83f0589f2ab6492665cefd31992c1e65e55de8aec18f2e377c07f79f4ba517d2cdcaa4f22e13170a263d2a662c0f0caaa64fbace16349637f9e0f2ff3c85

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD5C7.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD649.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit

        • memory/2644-2-0x00000000009A0000-0x00000000009E0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2644-0-0x00000000741C0000-0x00000000748AE000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/2644-1-0x0000000000E30000-0x0000000000E98000-memory.dmp

          Filesize

          416KB

          Download

        • memory/2644-3-0x0000000000DB0000-0x0000000000E0E000-memory.dmp

          Filesize

          376KB

          Download

        • memory/2644-4-0x0000000000580000-0x000000000059A000-memory.dmp

          Filesize

          104KB

          Download

        • memory/2644-10-0x00000000741C0000-0x00000000748AE000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/2688-5-0x0000000000400000-0x0000000000442000-memory.dmp

          Filesize

          264KB

          Download

        • memory/2688-7-0x0000000000400000-0x0000000000442000-memory.dmp

          Filesize

          264KB

          Download

        • memory/2688-9-0x0000000000400000-0x0000000000442000-memory.dmp

          Filesize

          264KB

          Download