Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

revocaMail.html

windows10-1703-x64

1

Resubmissions

12/10/2023, 14:37

231012-rzhfmagd73 1

12/10/2023, 14:06

231012-relybafe23 1

Analysis

  • max time kernel
    103s
  • max time network
    152s
  • platform
    windows10-1703_x64
  • resource
    win10-20230915-en
  • resource tags

    arch:x64arch:x86image:win10-20230915-enlocale:en-usos:windows10-1703-x64system
  • submitted
    12/10/2023, 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    revocaMail.html

  • Size

    2KB

  • MD5

    f58ce6e393a63af56d34ef02885e437c

  • SHA1

    81437891836595d07a3b1343715748abfdb7a677

  • SHA256

    8dde66b24b48b85dad399a1d86d39f3488da20d6d852baddf92a6b02d5c1822c

  • SHA512

    2f7a0c0fdbcc3129f31ea3d0373ec35532760fbe56c9e1e71a3ffa13ab86ec2db5354c52ce60b29a4887345f1d164d108e002098505b7113640caf4e03ba23c7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\revocaMail.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:656 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    679e1db6ca3dc9a0d349a880e081abed

    SHA1

    303df3154da948f77933c7cbb4cec2b84d068ecc

    SHA256

    244307ad037160a24d7afba2f0913f2f460c855838dd3d48d112eccb25962ee5

    SHA512

    c887d50aec33e5502a824ac1ac4d1d0ced872c45f16e3f9bef9b6b5ddfb26c534439df06df065086dfc300efeb0096be0b0566cb6945ced91058dbc0c7203134

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    21d5cd314bf933a704ce9405f27bf594

    SHA1

    5ae5fddc73de5e5d048f4daeecb8fc35b6a8b72f

    SHA256

    6f9648c9205251074a5966183d7e32b48b6b29c14ca7dfdc7495473fb971848f

    SHA512

    5edee254d221b4ecc42a405e15407b8870c4bfef95954cfdc52871ff8aac7521daff04f1b9306d17863886bea11c6cb91ce52a295d6c3c90882d5351504cb007

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver74DD.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0G1F2NWK\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\OQRJFZNJ.cookie
    Filesize

    543B

    MD5

    3cb9d4a9f639660e43a6e238af7a98fb

    SHA1

    b80696c101e76da72108e130aef1347fc8166386

    SHA256

    911b9ac7160d6afe7ecd5d529a1234daeeb155c0f0513940a103f836f42b9f97

    SHA512

    741d488fef5e429574aa282c613522c1ffaa0b296a18d1390fc1efd20b445e021389f391d3420a8a08abc853c63f1ddc5d7134a540b9cbfff449e0d29719efb9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\RWDIEXGK.cookie
    Filesize

    542B

    MD5

    e9ed0ea9ca7f2f76ec5b477eb219823f

    SHA1

    654361c4707b83c4fa03c9c5a93eba6292b840ea

    SHA256

    bf7264f50f3c5acd775815cac773fbb45cce7261d37c74ba4a4fa5de30831405

    SHA512

    0cd8f7f77f156225f459ab199cfe6f29b6eb0c93b7516fe65ea16ad27afe2bdeb8210e0bc53b95b28b8c8c00767a2c178f9b447b08b78a0863995cf12563af20

    Download Submit