Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

tmp/pma_te...0ec.js

windows7-x64

1

tmp/pma_te...0ec.js

windows10-2004-x64

1

tmp/pma_te...6f9.js

windows7-x64

1

tmp/pma_te...6f9.js

windows10-2004-x64

1

tmp/pma_te...84a.js

windows7-x64

1

tmp/pma_te...84a.js

windows10-2004-x64

1

tmp/pma_te...0af.js

windows7-x64

1

tmp/pma_te...0af.js

windows10-2004-x64

1

tmp/pma_te...64f.js

windows7-x64

1

tmp/pma_te...64f.js

windows10-2004-x64

1

tmp/pma_te...c0d.js

windows7-x64

1

tmp/pma_te...c0d.js

windows10-2004-x64

1

tmp/pma_te...6b7.js

windows7-x64

1

tmp/pma_te...6b7.js

windows10-2004-x64

1

tmp/pma_te...228.js

windows7-x64

1

tmp/pma_te...228.js

windows10-2004-x64

1

tmp/pma_te...9b9.js

windows7-x64

1

tmp/pma_te...9b9.js

windows10-2004-x64

1

tmp/pma_te...df.ps1

windows7-x64

1

tmp/pma_te...df.ps1

windows10-2004-x64

1

tmp/pma_te...09.ps1

windows7-x64

1

tmp/pma_te...09.ps1

windows10-2004-x64

1

tmp/webali...x.html

windows7-x64

1

tmp/webali...x.html

windows10-2004-x64

1

tmp/webali...x.html

windows7-x64

1

tmp/webali...x.html

windows10-2004-x64

1

tmp/webali...2.html

windows7-x64

1

tmp/webali...2.html

windows10-2004-x64

1

tmp/webali...3.html

windows7-x64

1

tmp/webali...3.html

windows10-2004-x64

1

tmp/webali...4.html

windows7-x64

1

tmp/webali...4.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp/webalizer/ssl/locationkw.com/usage_202102.html

  • Size

    51KB

  • MD5

    8ee9c82e4c0cef9569b50508a9ed9b22

  • SHA1

    835e907ba6a83d008c9b19d408c31110a25334e8

  • SHA256

    afac8d92d5c6866386a4c9505b3ae6fd8dc99decc5c232e9ef0ad94818e0d601

  • SHA512

    4ddf298dd4a9c8a48e3a05d39159f526a0b1805c6051975a84a464e3cdc7b4f9f873139320eb9f900e07df011442f220c7aa15ff408a94688d8403380909a245

  • SSDEEP

    768:plP515lbXiA1KwJ2J2hK8ZIwxVErbbb3bbbEbbb5bbbObbbbbbbunxUZj2ZTFoPd:plP515IISF1tqDcKf52

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tmp\webalizer\ssl\locationkw.com\usage_202102.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2880 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08e3791a7650f51ada79f0e03f1abaac

    SHA1

    4ae766af43376c8d0cb616a6bcf1cf36df0962d2

    SHA256

    aa79bf7001dc746765f76a4577f4644a215bee60377d21a7209f0f6420fd103a

    SHA512

    ebc28d41158065eb4b4812578cacdcd4e31b92556db787a1545bcb34455fcb62631511444465c2f932cf2912705ef13512fd7b1ae8990fb8b3ebe0a9052c6bf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48584061027468293fe3c4ca76e09673

    SHA1

    9f0341475e1f7b1a6aad7a642d2c2759cfca9ab9

    SHA256

    5b01b6e0b3119768da38ec79960a7347c4fe0dbf35aca6f09c7c015a7c6bf730

    SHA512

    66301c18e0353684595c3c0e536aa57bc943fd4f84bbbe53b7e3a83414cce5ac1dbfbf566da298f3faa59167dde4bdf5899741e655e2b37f3d148fff9c98eb89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c706660ae5b474bf7f8f8940da062601

    SHA1

    f8f05beed253ab0144aaa0755fde30b0dd5ba7e2

    SHA256

    67a0bb20caff1adc98b093feb4b5b8382f42a9df9fa32808b1084afa21879834

    SHA512

    5299ce4db5d9c4fbe7c0b56fd3a1a8b41049bee52327aa8961cb4c0a4e0c3dd6da51147f7117ba869064683ca6fd8d2d6219088335c3a1a13d587b23297c8b5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbb40d7945d12a41315176f03146cad7

    SHA1

    0344cf6186c04d8c4bb86d33151d847eb41aa157

    SHA256

    9afc12a4d3d39c2c9acf8cc9e46953a35ff3d78657a90de31ea0517d978e4cbe

    SHA512

    65a7be5ecf2f9ef9ca7ce2dc2de75e4d5f61ed077f3e9bfa8ee6eed45ad26a662e8ad4e114abe645b22552070499bbab91ffaac84a7650abde71c5643f7180f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d67cd103acf088b6ae0d5c642962da33

    SHA1

    7e7f008c51f2b7d0cc4e00597bab968dad0a52fd

    SHA256

    93594369c2fcb4e76805a40f60dca6ee49013bdbc409541769e84f170a561d06

    SHA512

    d392314722b29672383e135ad0658d25fad402b05eb49f4df830d8b4be1c555354845a3c91951804089e822a5c6e144b96fd5c9ce853d3110a61b78bf10671c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be59ad74671eb41bfe96bfdc80f65c58

    SHA1

    27952280dad5a5f890744a47c4aa9574e6750e65

    SHA256

    b6748a86abddddbf6edc3a6e39dc018ac1713a3b9c545f984984404e2a512497

    SHA512

    5a7450def7c09c4fe4611564aa08a15eb122144cba33c37d2c6d4901b20e4c72362bb3fb6c71749997e141740fa42e6a23b2da4ad6180c37eebacb2bd2d8977f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1dbd6a1efbe4388011b25ac80b4fab2

    SHA1

    60a18e78fbead9fdd6bfc637e70fb2e5e8318f55

    SHA256

    eb41bee4d8da097e47ff405e6020bae03db6a327d795cb6331852338bac041d0

    SHA512

    aaf1907b7e4dc7d96ff7fa5a0e3b293d849a019d8db715eee723b3c05c3dc693ce836a3a69b588f58f84bbb203c883b76f9df9d777a4184af61dc19b50a83062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a44967a3e60ff7c174ba11868ca0417c

    SHA1

    c8ef7515fa217fa042d284986f61e3b1bd09d47a

    SHA256

    0ead34a68a645e88e8b542e30c4bfd0eb5d8095ce9e12efc3cbf8e95f1e5c510

    SHA512

    a1c4dbe99491dca31965c03152c632521b6d8147501c767aa783ad8fce13958f6b3f3e5bf76be81471fb3eac609514e4a9737e3a81719c3ccfce2725cec3c7b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fbbe1c41183ed167b265dc7412706fe8

    SHA1

    5ec470269838a705d521df05c8328c0af43050e9

    SHA256

    725179055c3467af47a9f20c0b5967090a37fc0f1d1db9ca8a1c3349420895b5

    SHA512

    3d9b9648194dccf282015305cc96e2ff44b4a0f8d41c177a587d56e76d278c35fe8ed786d4a113ff81fadf85cdbf7010092228308f9e118188db8474be3eb27c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f15bab5fd0c0a31cc5fac0b385dfa05b

    SHA1

    bdb1d9a328154428824a78bbbf21ad236bffc9a9

    SHA256

    e60733aa4e02c99103f7c9e638413da1c98b9fdc64f7c18469498deae6631dfc

    SHA512

    2f0d81dcb64c8db4c2358dcc09630558edb7efaf429b266aa6bcb624234306f7b39caeff54cb3a98838bd08bb9a8ceaf975cdaba22a41a5645b57065c4a4e158

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fcf39dd99edaa12d0caa763010f3eb87

    SHA1

    51390247731a3de4d2a5b6c405642dfc88a80458

    SHA256

    083c95d8e9605279a36500b1261be011a1c3be81295727bb78d4d57077055f51

    SHA512

    d7a06b1ed5cb7fad42c38b0cd98a14b6ba3f4a7492ecc541a18468689ff0d5f7b2773afe45520716ce90beaf791d8b7f84662d645f9344f3049a855799a2d466

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3758ee37bd348f570be9d174f62411a

    SHA1

    2561d5ffc15298ce232102ec9474af52acaea7dd

    SHA256

    d5ccac97ddb9dab1f259b0265730d72c310481a1d865adda8eff1bb07aa731e2

    SHA512

    5cb3a0029027b943d767ae7ffd8f968719f859633e827d14af686cdf5174eafab18cbfd488d49cd301a40d113278ebf489ed001e3a079fabae18098d2ba0a4b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93e8a4bdcbd157dac7f2fe5407d59739

    SHA1

    177d14746292a052a27ef339cc3cd3fe4fb467b9

    SHA256

    87d7a007ef27309f48c7b1eeeb7d3c0d53ab6be0a8a5ccd039bace346cc217eb

    SHA512

    b4d8d418328febfb3e0a892d9068ad667f3efb3404e95a0043e3af5f2c1758bb2aae36bc8136a6859ecc136ec5aad93cbe90075100aeafb3f4cd0eace096e7b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f2af642fe13b5c09c464d3a2319d9d0

    SHA1

    aa4e904cc86fa272a79ac5983edb8cdae5b4454a

    SHA256

    e2d403a7d191029a2fdab5582f5289607d9d638189bceb5891616bbb1072206b

    SHA512

    70f5ae6a547974ed0f7074c6548451b1ea0fa66bd884f9d2594bca76654ef3962839d2d094b80e6e2f6a0d3067fc5a96d4e0478d7e0e78004ad72ae288b59968

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93e8a4bdcbd157dac7f2fe5407d59739

    SHA1

    177d14746292a052a27ef339cc3cd3fe4fb467b9

    SHA256

    87d7a007ef27309f48c7b1eeeb7d3c0d53ab6be0a8a5ccd039bace346cc217eb

    SHA512

    b4d8d418328febfb3e0a892d9068ad667f3efb3404e95a0043e3af5f2c1758bb2aae36bc8136a6859ecc136ec5aad93cbe90075100aeafb3f4cd0eace096e7b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4ec7bb9433b9c857e15a90003c8d881

    SHA1

    021277c01cb88314290e4c73b5ed68286b0a4010

    SHA256

    edda8028ed7d49986c4f9d90ffccd9eaac364949c2448adb0cc7b097beb49161

    SHA512

    f040e8e53a4c7a91738908f6e2cd1ab7a6503b95d6cd3972a072d6a3aa8a2b0bb8b22dd13ba9962d985009f7c5e39c02db377bd1d37444c01c7467fc954d9dea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e9b803f8c0da1e8b561575636fdcc55

    SHA1

    750a496f0b1285a149999737b502fe0ca58f06bd

    SHA256

    665aaf6e42920d5d1636a94bb10165163cad508e488c93b5cb772260af102a5b

    SHA512

    0216b7b0252ac8e72efc0e3d2725f41e319a96f90674ae77651d5344589d9c55aff48d3b945821d126359b42f6fead37c2884aa3e1d49abff74502e4dfec3fb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfd0f4fd12c43d2c5dc25ff789c32778

    SHA1

    d341b404f077dc7868b0c6769150ded7c7f00564

    SHA256

    0b7103bb632a4f359b0cd56f391263ae1d260bec45af7d2e43ae6657a48725a6

    SHA512

    750e95282ed15f0bab0a04a8b88758ce5139758bb1108ca091a9d8c0d121dfbf04942bd9d1f62a0ea6726ff36551566ef921fbbb88e80867b2356d3f82cae484

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9DE6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9E67.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit