Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

hoplite-in....9.exe

windows7-x64

1

hoplite-in....9.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    26s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2023, 16:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hoplite-installer-1.0.9.exe

  • Size

    5.9MB

  • MD5

    3f18a99e372302985faf8948d246304d

  • SHA1

    534708c9d565039417f855a8ed617eb09380237a

  • SHA256

    5f407bb095071cb12ba4937eee642d209cd8504947c992f3cd9eacfc122a6a56

  • SHA512

    031a6f5a68d1acccbf92ee481a3c0f5bd077d720f31d8382b62d72f261455096d4323baf343151732271195248c84bbb1bc50279b079057bd7fafd13b8f726d1

  • SSDEEP

    98304:IhIQhosO00tCc0rg21bCv0LFByOVmU2Uo8Yu8WACpKZB2qI7fr+Q5QqzxWCM:AIQU00tArLfLFoOV2l8FlA8KZB2qI7fs

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 30 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\hoplite-installer-1.0.9.exe
    "C:\Users\Admin\AppData\Local\Temp\hoplite-installer-1.0.9.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://fabricmc.net/wiki/player:tutorials:java:windows
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2216
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:3056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47a96c03986b803f6d25fc4589e17ca6

    SHA1

    c439dfc237946de772049423c7bd70b3327064ae

    SHA256

    91fe7a194d58b9d5b7e4ae1e35711ad0e87f538383e2d1e7a437a7a0ad42d1a8

    SHA512

    fa1196b4477c65d699dae2ee25d521159674c1c53bf8800e131c468617685d8ff0d833c246308277ea81e84df7bf4146166285ea9a1bc06d4e55fffebc998e2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e19a56f81633fa5787ca9b6cc2a5766b

    SHA1

    1d347a3e3390584e35088d9b198e76b39144cdd8

    SHA256

    ad404eb01d6ce2bcdf46395589c082f920da1c8a0e4253852a7f89ce6fdf564c

    SHA512

    ac83972683b133a6b6c2ed56514b86f3f0a30faf85c44bade6c90a0d6600062de786ad15041c1d2aa6637e5ca51e2ade620d5fed0458c41028e990b4ce713f25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    647a0b28446a0b265fbe350a3733832f

    SHA1

    34e6d7117fe0f6402cfabbe4b28eba7139811bbc

    SHA256

    0b77f8a1445144e00c4f49f8e54ab8135030d55be24f0dd4c8dfbf06fa864aa0

    SHA512

    31aa6a1f0f56f14f0e20160f63fee304873b4d0d76d7ae19ddca15480d30d2b417417541ec8e4db8d5c3e3b9771072d2e0a9a65c2245632619a7c135dc5de7df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    647a0b28446a0b265fbe350a3733832f

    SHA1

    34e6d7117fe0f6402cfabbe4b28eba7139811bbc

    SHA256

    0b77f8a1445144e00c4f49f8e54ab8135030d55be24f0dd4c8dfbf06fa864aa0

    SHA512

    31aa6a1f0f56f14f0e20160f63fee304873b4d0d76d7ae19ddca15480d30d2b417417541ec8e4db8d5c3e3b9771072d2e0a9a65c2245632619a7c135dc5de7df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcc88c9ba89cc26ac5d6b1802be89afa

    SHA1

    668898456b697af90b4a6af63386305cd8e9f115

    SHA256

    ad824d317099fbbff5e901bb5af01938753cc083b0892bcd447027c80846416c

    SHA512

    68339e660a79db2bc2c0bd05f3e52899e2ad71a8218821d1d00b8c0b62df8c80cec539810dce9cf113c3976d3ceaf065a363dba32831f5ec0053323a41c7acdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c42c709c3d014f1120fb2de7e9575cb

    SHA1

    d343b0c266ac85225e5220778da3bf1b81549e28

    SHA256

    0138d460ee0783e02b20f09fa3f39b4aeef8ec1ad1c38208176b839ba09ca4c6

    SHA512

    56a33490cb11c0267a807018eca4b463122fd188a8ea89b01cda98efa5ebdaed357f52519ff230828e79a15b17bf980b7e0c82247fbcd9bab7cdc37d528a95f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc7f46c87e11adb857d20381d56acd5a

    SHA1

    310c22c3e0854e318e49279563cd41dc2c571eb0

    SHA256

    c110fa5e3bfa8a25925baa2e55a267424225ba8e3c772d3973a89f397e9ee0be

    SHA512

    287cd0ab22b4a07d52e1cf3475e96c78d0ab67cba3fcf89d917cfa74bc8b6fd79581d785b463c746ed67e9f010e54ba6dc09b9f9dd4678f776bf08e542983e76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae7c767ff14eb6a7509f072d3af4ef7e

    SHA1

    2c2ff681fbf5cc7e7ecb8e82db7e018a3694815d

    SHA256

    6ef274d4c2890004dfa27a87d8897408538e0ca6e7218e475fcb26afeacb7965

    SHA512

    c1d3151d56e48ae9c577c20ca88d8fe2c262aa1d28bd33a57e8ad26d6876c22313af8c4c44090c1bd05764403c85e956fa3a3e498ffc5b7a44f9f5c3f8bdc19c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f65ca7c97e3998428a2f6c3b7e33f767

    SHA1

    3a74655ad55393095b874d777565631a62a15614

    SHA256

    5815163ec41188ff18c0fd92f4f82c37c1918603eccd23d0864f2132c1bbd8d6

    SHA512

    88fd684ec7f4512182a675a5f74d5f3948427e1fcd7b177af52862bffb188a69122536a49da0c84195bb9347c36ab82cb6a217dc84b6d933a73e9ccb9dede859

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8df7cc1d10554e12f535ff11fe5988a

    SHA1

    9a477df17951a6e7b6e1ba2f242a7c3847613c3a

    SHA256

    12b39588ccf8204e1fa974d23da49be0e9827d052012dc6c5031e54d1b5b0210

    SHA512

    5cae8ce98cee6adabdd60ad2939bc2137e7f341c82185a609fc22fbd15cb303c12d61dcc40052373355dd6e8d34e581da1465a3815a6e7368ca6f6915010bab0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a6f9a362f125d938fc954649e4cea5a

    SHA1

    b229d02e4997dd2ef302443274b01d3e81b68b9d

    SHA256

    be332bb473ca6b9b648991451e986f8a6af8d9077cd3a5261377d3432dbad97e

    SHA512

    769bcd853693f437aedc935fc182e20bed4a549aef2ce368eb0acd4e7077dc9551b0659feba60c001ead08b8f3c38e918ea0d6ea1deb39437b2eca892ff8a975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e03dd3bc538bc57c7ba529839cb6d868

    SHA1

    ddf566fc9e5cf6e08d0aad552e2c05f0258666e1

    SHA256

    1907d946152efee3779534b3a9c26d99a23432730d2ea2516a00246dad8ee405

    SHA512

    bf1be4770eb9e0a68ee5d221017a0170c9e66548f889989e139092002fade06da594b3c1f5ba668d3b1e8034679b7bf81dfb3f128cd9b77f1db8661efc90a2d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d65613ff505892a6b0c7e072659d9eb2

    SHA1

    0262d8c5e9a79309d096ea27d77b599e3de2c101

    SHA256

    18635a640f49db2a76fd64bd8eec12d323938532176e2b29df4485e24b2f105a

    SHA512

    4a106584c5441a766e7fae5eb3f2425bf06f0eac63c13c64dab570ee15ce202353dd0ca8659ee3b953ab07f930c6bbba10f02f04b3b2c84671828d78b9ae29ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56ee2b2d17935a4cbec9ca1ae3dec6a6

    SHA1

    2c42db8da199709b6caf7b9860dcfe067e9d4fff

    SHA256

    d6815d224de3d49fee7d42765582b8a475a81abfabc2cc9453125fc7d96c8b87

    SHA512

    5a13856b00f58f29294fcafa33bca56a10a43d7e567f6879b5d0f20424bc4d1f606a1bfbe49c2bc93544a2be1c86ded76ff48a08ac05734cf655a9f20ae1a282

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\kk4szwj\imagestore.dat
    Filesize

    99KB

    MD5

    44fc57f5916c526ab15f909c0774e711

    SHA1

    93dc2df939b217c2e42f44edf9b2d50280f9b499

    SHA256

    7a4133b4c6e0cc45009653c8b0bbf7e5e640e79f1d692fe3c75aa57e0d3261fc

    SHA512

    70c2ad4899849edeeb66ee1c760ea43afc952fc30b83c856a32cce20dff576d1a33dcbeb6a365afd48d2ea27cc126f31ea59846302f9ef4c9ff74a43209a744f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\kk4szwj\imagestore.dat
    Filesize

    99KB

    MD5

    44fc57f5916c526ab15f909c0774e711

    SHA1

    93dc2df939b217c2e42f44edf9b2d50280f9b499

    SHA256

    7a4133b4c6e0cc45009653c8b0bbf7e5e640e79f1d692fe3c75aa57e0d3261fc

    SHA512

    70c2ad4899849edeeb66ee1c760ea43afc952fc30b83c856a32cce20dff576d1a33dcbeb6a365afd48d2ea27cc126f31ea59846302f9ef4c9ff74a43209a744f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQ0O45XW\favicon[1].ico
    Filesize

    98KB

    MD5

    94bed0e172b2d893f1a2e046ed9a9baf

    SHA1

    050d1b4d6752dd973ddb31beca55815e300180b7

    SHA256

    ad44b5a49faee0d955620c627d1710e662893688522e7051dfdae10b42984a27

    SHA512

    515e21806859deee755e617bf1ddb28b363b34e65b4cb6853764e6f53014d405184b6fdf333ae33722d8e7a69b8c93f401c5cacce0e217013237ffa475994fd7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBFC6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC019.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit