Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    233s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    5f549fd99ea5625b9b825269e6785364

  • SHA1

    8dc6b5486680f9aed91955546aebd5eb806c9a20

  • SHA256

    233c935e1f4ba854f2dc9f112c76ba19c54255846d156ba23c78aa6bd14e0424

  • SHA512

    856f291e1484c4f96dce483878c2c286bc433595237d36d5eeb922867df85c74c21283e2a6e27e1d590e221febb809df8bf9569993769a50aa2e49d1d6baeb9f

  • SSDEEP

    192:nyvOH+PlNSgqkcquy/rmmGDdrvvI168U2UF5/EezTRGnV3auFm3R:nyvOetYlpLeufkruR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d881ff7575782c3091177a6b9c71d1f

    SHA1

    7b33f3fcbd866a057e9c1e28a9f9dc844e2a3cd1

    SHA256

    921eb8c3dfa0d64a43f4f04a30e9c42da11b7be6c4bce5f6fb79f4cfb4878bf6

    SHA512

    43be9b1bafc33fe45f134b81d821c96e7fdcc23c2c3732c8bc3ffa664d264071d091c3e94f3eef29a0375f99dd583247adc161aaedd02f94d4a0f52e54947002

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    465d93f1f6c87779498d7dfda28aafbb

    SHA1

    72d2f33c15b3ddba3fdf6f7be51bac1f24c486aa

    SHA256

    f9208f7ae226894b29b5bd5928f8c8ae72744a6a197874a9d2d7e18e170f61e4

    SHA512

    c1392037bd9c16f6b57db8ae2e7f363151de2d14b2c6eb5678da2bd81aa33ac5d726e553f6a0270752e72d323ac11f36332b28cf46772acebb5655ee4b4f0762

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e2eef49fec53801d09aa78ea0a78f11

    SHA1

    42ac4c2d4d47de513e9891c9f23cbbdb95ff3ced

    SHA256

    55911046c7ee18a65e3794458ae2834785b2b09df503e6f5b4d59a97d6f36ce4

    SHA512

    4aeff5f2cb72e9674796fefe6d1ec68c513023ca226686795ecfe5f6f2bab429e05d9354d8eedf0325c3330f299b21b443c5b81d7a7678d657d4d89f32cfd6d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd30dcf58ab12bad6d8e832a3a746e70

    SHA1

    5b8d7f3299ca5cda030e29b2b7b909aacf66884f

    SHA256

    156fd95316f9ba8a14a13948fbf004061a1b8dbbf4340ceb8f43568a8a786795

    SHA512

    d78cd0fae6303e53f269a1c0f9f7106af9669d06718f4d5c72e85715391a11cf6740c46269cd122929512c1e463eb30a99aafed51f96a123b7e0e69f65d986f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57801ed9593f9e3e7eff27089cfdc7de

    SHA1

    be2021f1294b644677ea154fa81e5d7bd2f30de0

    SHA256

    52a4207e9800a351d5d1ae68392279009758427c35af19aa4f34e848dc512dbc

    SHA512

    397b93020f461c08f2453d95dc5283d817113796afae86aca1a2a6627647052fc0aec22a551e5af8f1d3fcf6fbb2d01267e023dfae1b4ada4268bcf1a783e814

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b1e4c4e23df7300ab454437dac399bc

    SHA1

    3bfe246e7e8d839f7c7bd3150ba73f912a25f87d

    SHA256

    98c35542d18eb299e31cf2b7ecf4dc4f27d325da9275de45b3a502738a78308a

    SHA512

    d35cd837aa76175975c437935488d2d316109f34504cd5e29f2d9b1388714170eadd027f793af55be2e86b03faa434423207fbf6e23d950efe262e2b45f36ac9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00cbd448c76105f08c5f87b8fe4b87c6

    SHA1

    9894d539dd18ba7b636f55a7e9e457a450c0380d

    SHA256

    2ec504313a4132d481b426d28200061916e7a4db8e45402e28037b51c24f2fe7

    SHA512

    b5efb0c15b42dca8dca7794fccac8e5baa0a7e01b48d36d11ae8b639683c5af437841740a5b86b212ceea80396af7da4ce15d6b5fcb786188a84d57b5375eecc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a47b666b194c51a1cee93447f0d7b2e

    SHA1

    9a40a55893ffa69e8034a3bc8739d5e613d63223

    SHA256

    272718187530fdce5f2f2177c446ef183828a2caadd03434be54c3d54dcfb865

    SHA512

    3ff23a856c28b094dce561f504ec0c5c97107c46c345a2b210196620013a685e7c0f0d95a5061eeae0b1677c936af3e04afe727cb81070fb7657168d4b2e274f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3f2b3bf58b5a7fc12f20f5416bcfd06

    SHA1

    7810e0a9104316cba30ea18a6d1b78365fb9ee86

    SHA256

    e52d2568d5f8060c622811e917fdf8b9a9b500a0c0597b644d845fd296d48c5a

    SHA512

    792a00e7a25ae63d9f951da81d478c7cfcd0ced51c85e5291e8a9fd43b5822827b6d238200a882a3bb8d16e3ee0b1f3c688718085583e695254a09ae9913cfb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcd1aec3ab1b740bd095aace70e4e371

    SHA1

    61c95d415fe59bd4c2deeac4f3c2fb98473d6dbd

    SHA256

    5404bf523f9fc4519095fdc986a7623570d89a3a86da6ef7fadc0b8a3f56a62a

    SHA512

    7439e2252a52084dfb834a511ffc12a68cce236f34a0e3c9baba7018efc7702767b206602bf9163961c8c332e433fba2b30ffb41cd492212b399b83e7fe1b6e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7a1a5a2ff3f9e4a305f01d75e4e4303

    SHA1

    19afbf8d0c29dc9b18209173491a315e0c9b013e

    SHA256

    86575f5e7373cbfbe7bac9bdeb12d1d32ae7114dc954051ee7bc188cbc312087

    SHA512

    c2177b6f1aa0ca51e7a06bb59d25b80a895eedd92c4db30dbea6eaf56b4b9b68445c0b0f6ba9ada9721894057a8613eefc378821589cc49dd42a43c2e171b2da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eeb9fd960cb236da9302a6c602fa3283

    SHA1

    63db3311e13872c4533544cabb7442dfb3ec079d

    SHA256

    0c4c7e35a79213236a9f9bf0ba5ef74f45f36cc19616a98b917f0a8dee088e79

    SHA512

    3cbfce1120d6f8a83fd3cba99cdc32904057435f9fe11a7727ce8dc70cdbac1c712506285f9d023c5159561e115e3cba03330f1d10ab79464a11b9c73468ab5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb847d4163a32f134b53f83125f51439

    SHA1

    121d848220f9d21cb5a85b438c866140c92548f3

    SHA256

    73106987afa77b6b253b2085ae4a0932a419a137b92abfa645d5b17d74f9e144

    SHA512

    0083ce62ab8e9da4c1246fded17f3ccf1a5b14c166720424eab36afb2a5071ec98de0fe3e6cd35d0fd059fcc72670b1ff3a3115d930464d50e0917248b626edc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c72288387767a14fb08229aefcb87078

    SHA1

    5ece30116f347cbf227afc00f58e11ce60ad95d6

    SHA256

    2a29fdf0046ee1bddc499515039baf2daeb48dbf0eb566360a4275a4630bd8c2

    SHA512

    bc2986003f8f90e34574d636af2f3635a3ed2a8465b4a90f46a81a61564705a64807a049b44a536638fe23e766d1f1770a08bada9ffe4befef99a35ecd4ef471

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68ec8ed06d01e5566e89d7aabd44f6a4

    SHA1

    6cb735f3cb39c39e622340a63c2949013f81db9a

    SHA256

    ca7a56b6157f472c6dd4e03f6489c85ac7def09cb32024ef393b10747556a842

    SHA512

    02a000c7cbcc874901137f487ed1ec9b363b4e7e8dd894e344dc35025e33f89554cb73b8efd6a477cc540cf3ba831d92e31f3c1d3f9a82d7937f52563f7f1896

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    846e675679bc314edf0c6fa039a1303c

    SHA1

    086721272fbc7c7d5a57fa081a2e6ea95bbe05f4

    SHA256

    23079f07b18e3297f3de753002c1c29bb7d12987d3f39eb643166eba16b940fb

    SHA512

    6affeb649048af61e5d24ad29dc984aa01d649e372f4811dd9da485c268b0c05ed8da6da4081e7a15d6fdb0ea93a71c167e24b71f6a67881cb8d02aebba00f42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    900bdc0e1c710c56a5e315c430462b0b

    SHA1

    6c0d4b6b69c915b8890bba83a26eb00c93c44b3d

    SHA256

    0ccc35146b9374a47f60e6936c4d98a7eb44d6897328504d0e559250be8e41c7

    SHA512

    c22160bb4d8dd6a6a25b8eb175977a1a98aa15b269eb44dc69cccd66c44a005c31e6ccefd4f6209f18c0574956ce3c3bbf9736f775de6631712c9de8128da2ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2c336c628f54b8a1932629de2d9f824

    SHA1

    5fc4c4aea4f05105807875af0f628e09875b5846

    SHA256

    6777cdfe31ec252ed9955c11267d843c3998bd863892ea7daf898babcc63b449

    SHA512

    8cb0b9db1c1ab712c59475ab1809f2fb0640b040fe44eddbeb33ae58528221038735371503a369cc5cc0edb6ac773cdbb23cc64fc9f183dcaf5c3679454d3bc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    210a7d0d3b5698712f1816527ac3cdc7

    SHA1

    c26c278fb43baa6411b810326d69aa18b9e16f95

    SHA256

    b36f404aa009f3beaffc492e0251035fc06ddf56ec0f389991a0f9a0b38e023b

    SHA512

    70fa7093a73c8367774e5bd28ccf11d4098bfab692525a96523bb1ef18febaecd44581c769a3fcac84338e72a05fcd3ac8546ccc39063b7c2ec51c77af0da3f5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab75A0.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar768D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit