Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

tmp/pma_te...0ec.js

windows7-x64

1

tmp/pma_te...0ec.js

windows10-2004-x64

1

tmp/pma_te...6f9.js

windows7-x64

1

tmp/pma_te...6f9.js

windows10-2004-x64

1

tmp/pma_te...84a.js

windows7-x64

1

tmp/pma_te...84a.js

windows10-2004-x64

1

tmp/pma_te...0af.js

windows7-x64

1

tmp/pma_te...0af.js

windows10-2004-x64

1

tmp/pma_te...64f.js

windows7-x64

1

tmp/pma_te...64f.js

windows10-2004-x64

1

tmp/pma_te...c0d.js

windows7-x64

1

tmp/pma_te...c0d.js

windows10-2004-x64

1

tmp/pma_te...6b7.js

windows7-x64

1

tmp/pma_te...6b7.js

windows10-2004-x64

1

tmp/pma_te...228.js

windows7-x64

1

tmp/pma_te...228.js

windows10-2004-x64

1

tmp/pma_te...9b9.js

windows7-x64

1

tmp/pma_te...9b9.js

windows10-2004-x64

1

tmp/pma_te...df.ps1

windows7-x64

1

tmp/pma_te...df.ps1

windows10-2004-x64

1

tmp/pma_te...09.ps1

windows7-x64

1

tmp/pma_te...09.ps1

windows10-2004-x64

1

tmp/webali...x.html

windows7-x64

1

tmp/webali...x.html

windows10-2004-x64

1

tmp/webali...x.html

windows7-x64

1

tmp/webali...x.html

windows10-2004-x64

1

tmp/webali...2.html

windows7-x64

1

tmp/webali...2.html

windows10-2004-x64

1

tmp/webali...3.html

windows7-x64

1

tmp/webali...3.html

windows10-2004-x64

1

tmp/webali...4.html

windows7-x64

1

tmp/webali...4.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp/webalizer/ssl/locationkw.com/usage_202104.html

  • Size

    112KB

  • MD5

    3f7f9b116c3d20c5ebb36f15c65af720

  • SHA1

    d3e6b870be689d1c1d7981d6db058949fab2d8c2

  • SHA256

    8056596e4764caacaac95ebdba96f035e353038b16e23389ab4a46d84bf9cdfb

  • SHA512

    36273ee5104845faaa1a04e4a1353c3fff4ad1183fb90eda5bd0d60d9f460581b8188176fe2840bceaa64ddaca5d02839dbe572429c35e7aa1b01da2c5fb5c3e

  • SSDEEP

    768:HvTdCBCeQR2sPM/q7Btn+IkAx2KOJN8B80CCAUV7zOmgOuWgt9Gl5FuXSd4W7wGP:pGtLODSv24H83RSnBvhKjI8SFPXhx52

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tmp\webalizer\ssl\locationkw.com\usage_202104.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2968 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    326213aec21973800035c91e76020fbf

    SHA1

    cc9112825d5d60f4b7c1f2f880f8b71062add9d3

    SHA256

    ada3890fc783c9756d6f3abd46f7b622e3f7c1e841fe7dba746d578f417edec1

    SHA512

    d2d4dbff39ae00be8c39752027b2e5f938911750f27221ef12aab598ae7b4d888846fd59f5f1a99bb05c125a1b83391776274ad44559f461433980f320301089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e28969038b4d96dc41224c41a872a0bb

    SHA1

    992fe71996eed7a4de4cb088be8366b3d9407b9f

    SHA256

    4b32befa7f678e0743836a792d5d52badf9e6f606d844637f74fb52cb68a491e

    SHA512

    c3f5e9af285ba15dd0a168cf3ca046f7269b06321b6fff330b6e414d49f58e77512b53c716ba78f1eee69b31d4eb12dd4e5159752e7a9e7c4311909f44d814a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eac630d5b0b99680050060bed04814a6

    SHA1

    e0de70fbea5f1d7957e9369a426bd015991ab285

    SHA256

    bad13bfccdc77ebd60a27c92e5a25d1c3ac839c38b22ed3d579b147bcb4d8885

    SHA512

    39c3d876054292ed0a346114408c465e42f45d55dc9164ddae06743c5199ac992dbd79c684dd0a719ea5f8bdbe45af2643705c647d266ef0bbc957c117a23b2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e4fc3a62814bd967f7b4457b0b4635c

    SHA1

    2593272bbe3a6e01ac6ec9413c6c1d9219618537

    SHA256

    bc2eb7e9857ecd205305caea334111b305b13a4e663ff4b543375089047b4ed2

    SHA512

    57b6bb8b000815355d7d1bd02ae6091651f0c5e24f910fbfc4607eed6a59e8363b6fdab42c263eeebbc91ef1d2493594925b8532d1560406e5432ebee504f4ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d52a9b135dcea3d012eb82c547ab4a5

    SHA1

    8f88e1414eff15510077a7380197a26c014bdd88

    SHA256

    fff8215a15d6b859da6feffd17d757db3000a8a77d1a0d7649874ce6d656e318

    SHA512

    abdde389206a80d8c06104e09c5b6a297ed17b1e75775b50a749f5450095a09cb2bf4dd7f425d585f60e9fe3bb4f0801060478723d4baa2275080d52398ce34f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c3ef42c7dd3581914bf558ccfadf514

    SHA1

    f756177a4acd8e39e884dd2f133091ddf2433cf1

    SHA256

    b7b9195fcbd8291ad090ebbccfe9bf9eb2f484a7aeab874a979e472cf7737159

    SHA512

    cad7fa1d068e9ace93031d748c5a040d5d38a5e53823c669e809fb61ce8a9b7a00f068b229bc0e775cdcb2e50fe1c2d7279075c17ffd250ddc07870e4162567a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3db839ea8406f4fcf7b6f62052f618d

    SHA1

    555e92453a1dd9215b66dc9a44ad2d78d083c11b

    SHA256

    2cae538f77aa207e1beaa3dfe87ce11ee79e693c84f790a2488e04cac33ac538

    SHA512

    97981ccd10c335c58f4b0e3531b0dec811dddb497f4ed8f32cabc6b293b988a33c1b0c5dace88ec7c54335b16ff1823a2251d7406f5ea4f2f30ce7d2f53fd0a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a748b890f34e02977e14a4978b8b16b

    SHA1

    ed10b038453a4367469b4b6bd68c2293b61daa07

    SHA256

    d82784b3a9130e201ac0a76c514b65d8c42dd1170bb48b5bb24017fbebe2f454

    SHA512

    3b54fb0661c399154aa7945968aad5e6240d08de2de3bb9dfd21714dcd5b7f8b27f73c1f820517d88b3da60e89930bddf98291a4900ff3b44ed3cd85de32e056

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB8F6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB918.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit