Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    183s
  • max time network
    258s
  • platform
    windows10-1703_x64
  • resource
    win10-20231023-en
  • resource tags

    arch:x64arch:x86image:win10-20231023-enlocale:en-usos:windows10-1703-x64system
  • submitted
    30/10/2023, 03:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    252dbcd0d5fe168e7a9010266e13f28c783530e78f9bb69235ff10b3231d0ea3.html

  • Size

    406KB

  • MD5

    baff111d0334a0fb0b1532de307eb991

  • SHA1

    b19075a97caba361f8f9bd9610edbf83b84990ec

  • SHA256

    252dbcd0d5fe168e7a9010266e13f28c783530e78f9bb69235ff10b3231d0ea3

  • SHA512

    927bd688fb75f76f44b0c438efa5a7d5a8405372cd8b5a099966940cd1a4348375b2651004bcf810a4094b819bee7784d24241f22be4abdd59228502043c236a

  • SSDEEP

    6144:rbgcXSuXnkZi7Gyh+yr5hWxIOOQvxydjJZ:XgcXSuXnkZi7Gyh+yr5hWxIOOQkdtZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 57 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\252dbcd0d5fe168e7a9010266e13f28c783530e78f9bb69235ff10b3231d0ea3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4104 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    1bfe591a4fe3d91b03cdf26eaacd8f89

    SHA1

    719c37c320f518ac168c86723724891950911cea

    SHA256

    9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

    SHA512

    02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    daa59d6bc511e3ec248862c3e5ee5fdf

    SHA1

    3ad6bf274db8176e9d93e319476455ab027dc300

    SHA256

    b3f90472408b0ee58ed31f0625bce6487647d8cb07b4e8d7bd67bc8ba005f2a8

    SHA512

    d4aaa8a1e2b67aec7a4dc58cb4ad4c25b14ca60f0acba479408a5f51831458be44a9b4c9ca2c871ea1513a271ead895abe63536c7ccf52633104c855cbde677a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    87a4926acc655e57478fdf612410237c

    SHA1

    8e89da5028e6b8f5dbe01b924d3b9a83c0be0085

    SHA256

    2463cb120704f2d0bb222999d6bb8a71ae4bee7f7574f8d9853d2f5c5c82271e

    SHA512

    faaaf7d0c7606880b92a174f3309b981c9c51716c0457005b8daed817b598c4f5010bd546febe7dadd1adaa98aba4d2313844c702996d2c7f79998f794a88fe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    aaedab8b1c39e3f784b1a7958f4f147d

    SHA1

    6ac0e3856f693e05513895e2f1cd7059cb1be13d

    SHA256

    ec576a7429cb31b85c5e769cbba011f6814148e6fe2eff4c96c57e9c7ab52e5d

    SHA512

    6d5bc999a320ae1f38f54d778ba97e8059762a9330fe0dc4ac72484141f8226c838899a54cc731b2efb93e632b46899d0b3e00151aa0ecac456ba4f207af9841

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\41C7Q4SX\likes.7965f6735e8e39fbbe73[1].css
    Filesize

    554B

    MD5

    d11928ebd8a1101a2d6b4476ad292606

    SHA1

    e369a7d65299feb97d8c11525d8c831cc463c63f

    SHA256

    7bab9c45d7c84255c431ca155530532d5ea19f30bcb389db20f7edf26a5cd43b

    SHA512

    f3999089fdd2719f70bc2999b1b282452add77eae62c4c55777ccb376bd0d0a3a738e2492301a9816df4885f2693fe47a9539a31ff47a445b2c86a1b8a6cafa1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\SDCQCGG5\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\PAIL5BO1.cookie
    Filesize

    541B

    MD5

    a2784e4f78ea31695ee6a4328d306195

    SHA1

    0947a7bc7ce10b85401aa3dfe59ac2ff6b20957f

    SHA256

    ebc31306eb7345192a35dc16d60566028cb9fb87f040c9dff38352a7f03a019f

    SHA512

    c78b980720294833f379023f769e7a377c134ef50230175faa786f03f95a8eb8e808b20aeba6d9bcb4bc356980d19ffa569e1ecf74e1ff89f244f7814264a6b1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\SXYT0SHN.cookie
    Filesize

    540B

    MD5

    9b3337347c0c04507d8600438e2f2d7c

    SHA1

    8c368ca646756909d6f29218e8ad8ab848c29581

    SHA256

    7ea43a18579e63bcc29fae674837b09b343f2e3ba3ecad872ac761c2d4ce72ab

    SHA512

    8bfc05fa3dd57e4a831b3653b32ca189cee39338af9d9021df99d0a17d2f9fe4ebf818285fbe7fbe01a85b41c037acda7b244cb0fcaa901290c7a7a2791a23a8

    Download Submit