Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    197s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    b9e052e266d8df39f0779309b61bf6b9

  • SHA1

    fc9102b1cefd8523ce8bea62816be1a1a2e6f016

  • SHA256

    8980eacba1059a74219f03e1ca9ed1ef8f7ee9f12d01205c16a49598ef5b174a

  • SHA512

    d4ec404184647ca28c520189a198f7d395ce524eb50e4ea9c3c5c38b473a6b95793b6775808c6ac9252a98c8128828f75b4ea05b23a3dfcdadd266d6cd8b0086

  • SSDEEP

    192:ZyvOHU4cNSpnfiAXSkKZHlyK6Qar08+jg4gY0:ZyvO0vYkk4H8Qi4C

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2728 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d4d199e248f92690cc342cce0d012ba

    SHA1

    383b9a35e9314dc94cab59259d6dbcf010fb2a37

    SHA256

    19a36700a01b6107a5a550c393a07b8e79384c39799b95a133b8aa5569b5f3e9

    SHA512

    2cd455b02430052f5cbfd40333a23e8439bea0d1021e599bf14c0cf1a5d2502d9ed9fbb2bd2718252b385d48fb84888b59a8ac5aa7682bf7b4c6e847bd7d1203

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7f29ee3ec9167eb2e2a39ed3e3e6501

    SHA1

    bcfd55dfa39d6883440b7558efbfa839bee452ba

    SHA256

    7b42487a765f0f0a5c332eff3f0c75f131572e2579f85e468229c76ab3ec092c

    SHA512

    3688490be879ccdf763957d0b9690731f0e18e14ae644177b8e29f476dae554a1ef81b9210933bd9a572dd6c6a5d0e6f2010d087315735891e36e3e2e3cfecf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    500a33275484f53394d048e37a7dcb79

    SHA1

    2147e1b796d30e6f1e1b824402f74e5955bc7a06

    SHA256

    33e344aa425442db880ad65a5f3dff71e54eb8c2204c3996de3efb51a39160d7

    SHA512

    218d218405ea9523bb71a9e7fe4227c18e609d8c3ef44a8c1a60506b218bccf60dac7dcab68b7921044dd7aaab25e9a15337b5e4a026cd5c6f27681a2e36d149

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af5c903f2cf7d808e4bb5345e01d5812

    SHA1

    80cb8cd881e1f78e1281b6208d1355430e71decf

    SHA256

    32e8a43322d3056a92e2d88a6ca8e1f87de59ced1aabaa31e00bff177b10ccf3

    SHA512

    9bb586c417b83be9ac316a4d5cb191be4d54b4a4bd7dcbd37ae715682094e0d311aa1eeecc100c24818cb5c522c6e9082228967d4747f5cb8a9a1a83bdb2fdf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b98f825299d7c7e97dc6b0f9ab939499

    SHA1

    2f35e3f041926d7dc4efefbe9205823997ea8ea5

    SHA256

    a89a1b26c3e9f01f6ddb7d3cfd46c91db29b6bd1004ca44e140fa8663f395f65

    SHA512

    ad9d13cbf761b1242cc9d08172ff64a8cef11b33b4db67cad0a65818b8801fd9194a28aed13f7e945b40e28ac17084189d645f4beaafc5ca6c8165e6e8ab75ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c207e660fbe2fb2ffd1aa43cf2681c98

    SHA1

    deddc3764e463dbc49bbe1bc59b9383906939c1c

    SHA256

    992e031bad243f6593e84e85bb4a3421cf2afcb61512f35ef4f68720188ed1e1

    SHA512

    fc0f78a58273418ee4717da1796c341f3be5d36c07efb6dde67a0d6c8b9dde95daeb412975b68ab778006e1bf13df7f26af4a977e7d0c4df172872341ed5adaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e1164dc73c1755f2d24ffc266baff9b

    SHA1

    0a9ee65d105fb241bb4d83832b68f4df69144534

    SHA256

    f51e34e89f5a2eaea31c4e9500541d42c62eb7187e6df280ac503fc1ff0aeca9

    SHA512

    f982264025cf2f0ecdeff11bc9f205a2fc2f0abce0a132f01e660c88a1540ac50497a4faf415e3a5c6678c6ddc6da93e52d93b2dce19691bfbb3505e152dd556

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8873.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8961.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit