Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    234s
  • max time network
    248s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    30/10/2023, 06:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7lM5ve57.exe

  • Size

    89KB

  • MD5

    a3787e4584ffab6ecee63a077c03f96a

  • SHA1

    53808cfb9366b9dd8c4d71a50906f94700aef0ed

  • SHA256

    59b6b29c8c6b8d082b6ab509dbcbf90b8a78ab501d161a827df7a2bd0764b220

  • SHA512

    67c0cb4e57a0471427c7a0504f6fa35459f1fde468dcf7cfd74b6bc74c5aea70206380e8f4dc96a5dc3b0ec6d1f9033d9dc040e9636ccdef74f11a5e8f289d48

  • SSDEEP

    1536:b7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfkwEO:37DhdC6kzWypvaQ0FxyNTBfk

Score
10/10
googlephishing

Malware Config

Signatures

  • Detected google phishing page
    phishinggoogle
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7lM5ve57.exe
    "C:\Users\Admin\AppData\Local\Temp\7lM5ve57.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:796
    • C:\Windows\system32\cmd.exe
      "C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\36D9.tmp\36DA.tmp\36DB.bat C:\Users\Admin\AppData\Local\Temp\7lM5ve57.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2004
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2104
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    594b690f9707f7a863eba4ecb6c0e89a

    SHA1

    1f4aba4b618ad8dd81a74d2cce31f4869bab22ed

    SHA256

    0b424a481db91ada5d6e8c6f62e9a9143790d223a5428dd5d74b647fe410def4

    SHA512

    2a9768069b0e9413548b85cf7d128214d44e6fb0d4bac18805ef7e60ac9d0c329e64d4bd840dbea7e9121c270a103ff3ab09a513139bdfd98508fcbc24f34457

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebbf1d99aaed5dfab0a3c93945b703d6

    SHA1

    a26830db3ed30aefa8385858fd47d2b614bb39c1

    SHA256

    a6183c7cf361d903eee15547bf5d4493d5a40359344a870f5c213585b1365c0e

    SHA512

    3695e27a836da4982b992a571a86448b03ceb7ca5172e9e0de8767d41596bf633ae9453b3098b8c205dae0c05b8c5f50651a6cdbedc5a89ae0516b091c045990

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2adfea44da6c0258ca48842ac9d36fd7

    SHA1

    38250c0e9b2ba75a00638d1acf8b522f1552e8e7

    SHA256

    7680f26cdc3277ff96a3ce4e416195c509b970eec7744cc97ac34ec7c1b82494

    SHA512

    36aa221e4cafa495cacabdcda239167858fc4c82027b5db5ef363c2633a3232e34da5494e2fdad35247b9bbc7f0d43ba387a07b3eeaed4eb748b4953308375eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75fa21ccd671e7f01a1a6203c9729f98

    SHA1

    a1abbb301509b7681ac7e2685900a38ba8233e9f

    SHA256

    29446e68f10ccc963a298d0c02a3a1c1262ae189b5613f300f672f0526a154a0

    SHA512

    7b0d8900b23ba941ebc4ccd580209b4750c48011263d295ff5eda78e7b5dde2148f72ee78f34300f2abf322359142a1f32eff117a3ebedd7497ed4c6f12bcf6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    66eafa508e7a1caaa10dab798d264b4c

    SHA1

    a53d1db58aca986f4cda082eb6dd9b18fa068093

    SHA256

    9a38c30255992dbe4ec8e8f335db0e5a7bfa4008061d2d187d607150b8b39df1

    SHA512

    20b648dc41f4eaa70d7a25066447bbf987e534dd91b84df3b9d74eaeca54fbc2dbcad7eb2acaea7fef18e7c51018896dbcf7665453b93ecd4199a5d7756e53de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2b2cc37df6abb9403e26038b7016b39

    SHA1

    bec982571e5005115d2e41c4d77b2c2dd590c518

    SHA256

    a9eb8a903500b76f3fb82be1cadfe07b820c2468ddb1279f11f32b1dd96ffdec

    SHA512

    0d4176bc5668f429559ecb11877fe36f49d485240ffdc8d2f3ad4876ae828f9841957733b5121978c7543dd09b2f8dd2fc7cc710babac516176d88583fafb3d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bf2266c198e6f40c91107ebfe7db1c2

    SHA1

    d03a76b87d09b7972d00903760e5914677554c1a

    SHA256

    e19d5d72fd88c2b01aff5f20b432598993a903c971ff86701bd4db7d66933753

    SHA512

    30ab839755bac38363474bf1fbf9103670cf24d25fd7a655c9ddb50105908e38881225e4ce7718e2a9085b08a8cd7da29f5ace3c6c8d73f2c3b8155602857696

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1daba692486f61ab213b014ec53a5e8

    SHA1

    b144a69e2013de17162a16e2c88105bcc374af46

    SHA256

    f598550d0aee1567a302c2e63ce1fdfca5d6990a57d362b5fbb426d4b006e339

    SHA512

    7df73a93e4ce3130b0eca38cc251de16a6abbaefdbc76872932a83ad5746f3babdafe4001b4600255cf6be53962ff639bb16f6862345bc5cfe16f09454709850

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cd14d23ae8e4380b700ca54894574e9

    SHA1

    67285607537b0bd71a3277d0ebd5a6b49fcb8f14

    SHA256

    89dc7536f20e4a69598bca9fc352f20556ad4b090cdeec85bbb9521dd8577c25

    SHA512

    28f804db6a397a9dbee46e66c3537504d812df3ec3be4a9987a29c6fd3be65bd7a954e47bd11323a18e50cae0f61f8551809277b99c56eeac55896c800b708f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e11ce656945e90cdfa6bfa4d1219e4d5

    SHA1

    ef7138f5608f2267eb1d40380690cd5d2d89993e

    SHA256

    08fa1132e489c62bd07dd28263b73cfef82b88b2a7bdc9240c7f7f3ff41531ad

    SHA512

    0666c3be6d073ff087c829f82f9151a4c4f764c3a8e9ce01bd8a2baf7087121fe9efcde9bac8f215aa52523c58099f702ad3360eb2c13cc8c740cc9dd485c99e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7e05ff624ab7b7d3874c29f0c9895c3

    SHA1

    ad68a3faff7690f13176d66fe0b09e1cb589c509

    SHA256

    fadb07360b05aaee60645ebe7529ac4b17bb4079d1cd215f86a009746cbe13e3

    SHA512

    4152a9c14b67f5d868737d49d56e7bd6af60a092dc83a9d8e7a3e34d4b7eba6316fd83ae53017fa5447d6da7ce2937e20e62d230c5981487fc0c2d9a4c78435b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd9cd68051551b05e021a07e2e181c82

    SHA1

    26a107ed15cbc476ca8e52ca61fef7d6baab15be

    SHA256

    ecf48e48a11bfc527781c2bcd9e6b01225a084b77e2484a5f12dd8843b423816

    SHA512

    f534ec0fa433fe35e5db1c30d7380881588c94a413155e4671d35c764178e5f550c51b13c9adcb33624aa905e102527224c971a6eb3ea0faf5f3d64d8de607b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d20bc71c48bb14874adb48143b267091

    SHA1

    6728a3105867e2f23d0ee8d13f41940e41b10fa4

    SHA256

    acb8dead41968995b15e64619a878ece70a82272fa7c832859a16bb2c1345d3b

    SHA512

    4ed6dcb0ba188f0761f71331adffdd6e38ac69fc2084e3811adb751bdb3595ab10e25e3fda5ba4cb07edb9f9d9244ac2fd19d042c358418156e60eb7fbac6a31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae963d272a1f89ae9de665606c13b377

    SHA1

    d46dce50ecaff0852f4d38104654fbce6493ce9e

    SHA256

    08ef45a1019776965d4bfd9db3b545f76222739b017db889f1905b46a618e37e

    SHA512

    6f211029939f2cca16f33c9da825c613d51ce78f8353a98aa5f1d1580a9b0068cad39590c4f12875c566be3ca283514f47d0fe88ae67518bb530940f20426173

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dcaa3c278f6925417ce1d8333b74370

    SHA1

    93aa0c84cf2773d7e4e96daf0cba0169daeec4ce

    SHA256

    9e7401a69d31ae6ba6cd2a891ebebc45c2fa63e89164a612de7321f45601844f

    SHA512

    20a3f865f5313df3547f5d7b8a8ee3d8808a95e9560de488a85c97e2d4470d2b44429808a1804c9154ef7c9f7b6d538654db2876f38b6b98f0eb2a42923a5e46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebc429716b219d0b0d6f94373c2b7192

    SHA1

    66d9020f48294d4ff7dcda7545d1f937efe77970

    SHA256

    955b82fdb41fc5a9f87331a3eda28518867f105b69a7308f3b6526777ceafa55

    SHA512

    6c204d9460f6d4113f17f98b3c4fc3bf448b6141a1d8a20f68638e2af3a7c2e2e94f5dc9752b7633e919272a0e34cf3d869ef94c1b1e9c86f20e8dbff943108f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1bf3eb24da056d34a15c208275c70b8

    SHA1

    ecba0008904f823965c34103505483f7f7da7a15

    SHA256

    e19d33dcdc729153461bfbe6e0a10b584833bd9bf7a36edb494edc81584b49bf

    SHA512

    9590bea8f4383a9a92db861b71983143455e1ae016d979e545d98c933ec24e8f07e2c4273eb31b011109833ec2c04c16bf98a25c496e2c593887e70dc7599fff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9765e2d8fa71861da6bcf6a2d2daf790

    SHA1

    32e8b6ff81bcfef495a753ca2529058096dfc3a9

    SHA256

    f4ea32b21628c665fcbd218204bc605744461336d215aadc1dde7495f32d0a95

    SHA512

    02acc5c7a5029fea00755321180bdf55fcffb08eba0ebda156af2db2691d21936b6b1608a466aa69ad0a3f41205f497e97808ea739638f5b8d0106ed35b46835

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2f3d796063445bff1710906c03afd62

    SHA1

    ecb3cd533f7f554628f7ee89c9e09f921f3caad1

    SHA256

    f685520f9e4007c7f4528bbe2c13728136173784bb649f56e0267dac944ddbdb

    SHA512

    82aeb3521b34e2f21ecccb6a00fb36ecafd2809baaf120116ea19690ef6e147d4a3bc20e6532bb83235b0a371a94c1f14b5cd7fd2f38cb275b36878a988335d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    308f2e8dd2906896823df1c25567f9db

    SHA1

    b5f72e0b1111b7de3d86de55b194bdc8e9ed9fa1

    SHA256

    1a84ba9a9d01fbe053fabf2993e426ab735aeab74e0cab71fe234acacbd1ad4d

    SHA512

    712c62a68385d2463e858d65a2234d61000eb65764ac12aa4311ea81112447de4e606f079f40c9a646494ed8c7ccacf593ac8ac2d8f796d724b82156189ff91c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    061d37e82a2035cc6d6ea62560a8b23f

    SHA1

    4eb70a0a48cb374f19921c10b36885d4ba76a0ff

    SHA256

    4088dc85d323065d899cb18d367b49e96534842287ff472014f2c1b96a49890c

    SHA512

    bd07046939ce955d1159ebba3e1de2edc3b5a0d137a90dc27183562113fd82599c26e550b628fe894d8577656f738f232502fe5f81141f7c5548b810f8d867ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\pagsbca\imagestore.dat
    Filesize

    5KB

    MD5

    662c0d37f46aa84f872985534763a41d

    SHA1

    d85f930b89f29c8177e087e58e45977af2a08824

    SHA256

    f50d6ca5afe19d0fc3b754a7064e80ce32ef0d13cbaf6e3651169c8085ff7307

    SHA512

    a498d2b356b54086c00338cbdaf8675c8c1b8567c6201b8e6e0c6aeae2c46b581675c35d869bcddf29f2ced0362245242bd2931be1fadcce57e38b03dda95298

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQDFJ88W\favicon[2].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\36D9.tmp\36DA.tmp\36DB.bat
    Filesize

    429B

    MD5

    0769624c4307afb42ff4d8602d7815ec

    SHA1

    786853c829f4967a61858c2cdf4891b669ac4df9

    SHA256

    7da27df04c56cf1aa11d427d9a3dff48b0d0df8c11f7090eb849abee6bfe421f

    SHA512

    df8e4c6e50c74f5daf89b3585a98980ac1dbacf4cce641571f8999e4263078e5d14863dae9cf64be4c987671a21ebdce3bf8e210715f68c5e383cc4d55f53106

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3BEA.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar542C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit