Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch12.html

  • Size

    20KB

  • MD5

    4fa9d6818edab84c6fc62498e560f3e4

  • SHA1

    8d9764bfb50b941e891ccef8409022e0fa97f35b

  • SHA256

    1805f0a86ea9a79045f9db504abc66f6368c6b043bd214468a4bf9ea9c67d924

  • SHA512

    2b51a8e4610ede2f03bbaaa833841c97b216c20a6fc8d300e9722750fc640a1b2b2105572b509eb155dc698e37ccd5b4f7646ac51c8f6e599866608063884229

  • SSDEEP

    384:nyvOMbY/iAQJWovWwX7eQQbKcPOvcqcgyQdv1fYSG+wUMu/kHQmR:n0OkAkWqWwX7UEcqcrQdvJYSXMu/kHVR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch12.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2164 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cca59ab2f979a51be9702fda53a87cd

    SHA1

    64de0cd8e604acbe060583e309d8c656b338d688

    SHA256

    4fcf68dfbce0567732e5c7328a5a27c9d337780446a8d7fa1024802100bb08da

    SHA512

    fdd19617d66224c2bacf81abb3caab93c95caf3e25d85d19f9a31a7181f1ff0d4ca802c1fe304bdaad1cb488617b0bbaf9f79eb4abfe2084a5d9bc08b15818a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c74ed4578a9cce4150530eac1ecc29ef

    SHA1

    3b420d09bb2d6806f83cdfe21ca4ecb8de2be412

    SHA256

    a0155bcae249e34920c1eeeb5ee7597eba7ad3e65f27318962fd1084e6fade20

    SHA512

    9493685b7da55feded5e2a549fb8a6719dd9c102d1afb90b8b4e75c8834da226da581ff490bd7180a6611eee974019e14067f3c7dd9229a256f187c515bbaca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3aa1804c472dc3b28d8f11e41e82a9ec

    SHA1

    09bec48204b4b6532e14c701737e0e02d54279ab

    SHA256

    6baa333f77b2a8d8ce4d4cda014a24a5917832098706bc1a9abfdfdce4922529

    SHA512

    2c8b9b0947523f5b2d2c637a0172b234c897c9a8b3671425a04a5795e551d44c30a00dcb393af5a5e7bbdb23a98be285ac547e74811b1c9bc7fa0c4bee75ff0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c80f7a270f13286605144a719ac94c3d

    SHA1

    c70f039498d3528a7730ead6735e657dfdd590cf

    SHA256

    cd95befbb5fc23091cd8748b2cca2bd6fae84f16d7295f5cdf593bbeaddc7afc

    SHA512

    3557b2d9f28d17e38777d6859b8876592bef0cacbf26da35ec31f649f9e524a89640a7366dc37dbd0af1cc33aef9c7103e15e0f6d4f2aa52d594f1c367749f88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a3d4082090b435aff4c412c4360d85f

    SHA1

    e1e5ebba88f3749ea1a553d1bb36e52cfb93ed1e

    SHA256

    e5b40d0eb228d8ca0f0ee368c086123d36b4da469ed62dc87eebf34aeae4736d

    SHA512

    0f896e9f0bf1fbb46372bb3c6d1aaaa905961015a209d2550961a8ca50e413a4e09198da780a330d642142685b294991552527c951c91e848c6f8e1ead14631a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1e8532c712a186ff167becb0639ccb3

    SHA1

    2da53ac6265b34e5209945ca176e9555acfae05e

    SHA256

    8f381d2976dd9a6f1dc2566118d7a8d5b3cbd2fa6c5a2d8f0c3371fc6bcb421d

    SHA512

    508521eba455a7dbff4fc1c6a1dd6ee0e0b08622c71c69d81d3181d075c6e9e2250699ab9fb43c17785803e0555e41aa6e42cc44367a37c833deac6bedd9f016

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f2303c771077a7c46d26d1c306c0d5d

    SHA1

    6e40d77c05d363d5a4de8f55f30699630839604e

    SHA256

    aed2b538da654b9ce19ea2179f591c86a6d072b73e1f970bd651490b1a681530

    SHA512

    81234988e968083df11cbb5daddca87e5a301f8115a36c6c04a248e1a1d57c2b17a77425f2434defc61025632f9854c604bd8235a4e70d88e13470808abedbd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84d7adceeafea2f7d52db6310397937d

    SHA1

    988dcfd4d38c38d3598ae6d3fce7d7525458aeb1

    SHA256

    9c18f3a7e153bcae05de35ddc37fe52ded303a1ce30646c1cff73348e4e5e012

    SHA512

    749b81c43d3d691e7ede4ec8f31d86e3504c5bf755534945f9de9b9cb6f544c16f674b197a9311dd07e1e49bbee0db98864c3033e1f614527410ceefbb39a908

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8e889002d730e8908f0a3446caa4312

    SHA1

    54ce2113a00bd365ec28a110092386e18b77ac2f

    SHA256

    741fe22480df5d1c5a9636a1d286735c86189745e0e536791e93971240edb08e

    SHA512

    056a1485962641d7444b6e913364e847c46e98740e9e4ea8fab10c8965b190f1f5c0286dbb3a2062c3d51f29467249340e90e8adbe59f8706b8744dd176eaa13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2cd443c722c7df06477bb61ee04d2bb

    SHA1

    b3ad52f422984b6f4f18babcfaaca60dd46ddbd5

    SHA256

    4fb363508dd9bdd24872f6d390d4158a7844e1030bc1e6c26cae2c9650d17864

    SHA512

    4d5618d5d661f53da5842d9e5ff6daa62c0786e36e2955463b2db5fb17aab2bb78cdcfb0dca39de4d8e8437c9a4d0cc1e397d24f79b0447ee5e121b1007511e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB187.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB199.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit