Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    127s
  • max time network
    298s
  • platform
    windows10-1703_x64
  • resource
    win10-20230915-en
  • resource tags

    arch:x64arch:x86image:win10-20230915-enlocale:en-usos:windows10-1703-x64system
  • submitted
    16/10/2023, 04:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    83515a346acbf824212317f4f427fb5aae7a89678afc894607fb20f09a6dff63.html

  • Size

    398KB

  • MD5

    96ced74a9ceb9361f39d1ad94653cad9

  • SHA1

    dd2cfbebc6063f5f8c835d0aed5bc9c9e8f8b098

  • SHA256

    83515a346acbf824212317f4f427fb5aae7a89678afc894607fb20f09a6dff63

  • SHA512

    2b84cb4bfc97c69f13c09ebfb476d913365e658add3ca1d5acd6286c2394780fe6cfa55bdfadce4fb9811df37d43c65df46b749f707a529d3154133537bb7b46

  • SSDEEP

    6144:EAgcXSuXnkZi7Gyh+yr5hWxIOOQXx7wSXJ:dgcXSuXnkZi7Gyh+yr5hWxIOOQdw8J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\83515a346acbf824212317f4f427fb5aae7a89678afc894607fb20f09a6dff63.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4928 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    1bfe591a4fe3d91b03cdf26eaacd8f89

    SHA1

    719c37c320f518ac168c86723724891950911cea

    SHA256

    9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

    SHA512

    02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\AYEBGUTA\likes.7965f6735e8e39fbbe73[1].css
    Filesize

    554B

    MD5

    d11928ebd8a1101a2d6b4476ad292606

    SHA1

    e369a7d65299feb97d8c11525d8c831cc463c63f

    SHA256

    7bab9c45d7c84255c431ca155530532d5ea19f30bcb389db20f7edf26a5cd43b

    SHA512

    f3999089fdd2719f70bc2999b1b282452add77eae62c4c55777ccb376bd0d0a3a738e2492301a9816df4885f2693fe47a9539a31ff47a445b2c86a1b8a6cafa1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DXFPCU0G\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\2IJVEM9J.cookie
    Filesize

    543B

    MD5

    f9792812e61d06b877cee0ab1eedaeaf

    SHA1

    8f057c3b8ab327803169ac8efb297b4dd71262a6

    SHA256

    c4a3140aef10f8c3416bd1f1f49310c6dbd13ff1e90d09fe64c5fe676a34a52d

    SHA512

    ef209f8b7ad4d50e4d2a2d8440caf008c9f247ec9f4e40ae527725af7e6eb8c70b96e92bfd45f46c2caa12c2cbe1a33c7462481524b8bfc0f007fbb990dda054

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\M0HEY8RV.cookie
    Filesize

    543B

    MD5

    13c100a0fcc9f21311e78856cefeaafd

    SHA1

    b7e48d0bb8d825a398b5846cd93348cadf6ac1a2

    SHA256

    7a06d568563c8b76094df2657edba7fed6ec1d166e7e72f7cb91b8d213b13f7e

    SHA512

    034e13a27b1c93d1d4e4316a1c2004befb8e31f5ecb8dae898754b5039136f9d2f072b37f3935a391187e9235c6673bbb6e445ec1fe4b272c01cb79e293ac1fe

    Download Submit