Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    52KB

  • MD5

    b206bb0876cacbdb4d0d447236ec03df

  • SHA1

    1be5953d49f2f9ea250a2167aaf4de3866f7a087

  • SHA256

    d6dea2814f1dcad9261d6d63a8cdd7864797a03b26c75a8bd17a042de4bfdf55

  • SHA512

    21f82a65d61d2b4c3e34a7380b01f3d312e837875cc1ab133746b542579104cc303b8432cefeedfce475b61459831860a5c3179598284f3580a1e8b610cf00ad

  • SSDEEP

    768:Z0O+3tOxtbdjxvijhf8Ge0ENAaK/gZu3WDRCw:Z0O+9Oxtbdjxqjhf8Ge0EI/gMM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    738a3ecd5ecfe64f031fe9b2fa3a4a8b

    SHA1

    2cccf98dd42f75235a2f77b4877a8d962c71233d

    SHA256

    6e286f189b417c63479b85fb30ad012b7ee2552c2b649fc0376e4a1eeba6c75f

    SHA512

    8cff9a2ab6a1e5df6ae9e6de2b5eda74b18000b5cce3f0ad62a1e1ca19d2c26b0e859d09d7bdb9071f0d91e658cd0bb8072c0261796af3d96d5c1dd4578eb58e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    917556a732ee721d6c76af0353bffd16

    SHA1

    2611efdbcc7e1db1a9a1a8dea5adfb1e32d51966

    SHA256

    defe8b18c122a2cb22d5e0534881e7fb45b10ce04039869d38705f5ebd926751

    SHA512

    aab32253a12641820f51b69770eb3725b70e0eb8d6d6e981c8c7984625db08be046f82c216631d08c8062a07598c271bb0a9337a6ee8c2028272ad60a9e2c7ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8ad6613c46eb953172df469b3ef9ff9

    SHA1

    d9933666a060015bef56f8bc820740cf6c3e1f2a

    SHA256

    f282152e9fb98bf81828dfae2c6f52f5a95601b58614905e2a3f20488b06f4d5

    SHA512

    09ed404ddd33d2764910ad43c4430fd41a3fb6c2905895d5f6c4b93643c9d4913649054f2e7b4d7d0db2b3b8ed0ebf809eb498125a48081d289f0f35a44e76cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cf5670b0a19c2ef45a99bfc52f2b2e6

    SHA1

    21f23b550cc7af42e1401cb4458dfbb563d6522f

    SHA256

    84e633b22958f96d6e4da071587c85ea854b7662cfe21300d59e7fb14fa6bb82

    SHA512

    1630d22ee1ed5860b9d8644c10a18bba60a9d4811bbf00d386cc770f0897880ef7b211dcbe2bb65446faec9c3ca6381ba9b7a6a88068fc5112839d1e79644436

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28ca47302321be02ed990b2ed97beff0

    SHA1

    5b854a9eb8afc818e7907ab8f9ef33e829edf8ec

    SHA256

    73a5df3e7dbfa17cb30fe6ed92b441ad93cb4ce2f6f46c8faf1d1464b07f2441

    SHA512

    0eb4bf615126dcb4b16e60c94c77de580ffd8a4eb97eeb52910a529469a852c212aaddfdedf3eb57bd5c1180165924553b0c606249a4e362c0756be9f8ac18e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a22e4008047785311a6c0fef56bb7ec9

    SHA1

    2f6cd770267e77037d3e1acbbc8c275b81fc5f5a

    SHA256

    3edeb2befde5dac99df912bac48b14aa080abfaaf48b0f2a7a8c5a60f5f8c28c

    SHA512

    e192e26ab514888cfa6c91c13fc91d1ea3c58d27eae278b6eeb92f6609e9556c526d193b134f5873fa4a34ec411f629e33ea759c704ab485f9bbf93559a8f291

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    283b940a14b83ace4b6fc9a6ed04bf75

    SHA1

    b0b63cda9b9dd79e277cb232cad48fe1d8be2475

    SHA256

    2d9673ca387e2f35da7707a306aaddd4ea9f18239cc84cea782c1fdd0a627f71

    SHA512

    2e69c690b3ea307982a3fa88cd7cc20577e4c89b48826e63588fe569d82c969a57c25f60f73092ca8b3a438e6b74dd70d33f4ba72edbb4af7dfd207d3ef2fd88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12d61f1b79babf77a9c18ec74f63ca8d

    SHA1

    9f083d455c619cba511563a3b6e3a307d014df29

    SHA256

    ad5e84a912ec99979d0f787c0809212e81d7a42349920c4297f9ec733926e08d

    SHA512

    39419693f4fb70bd3c2a4e62beaff29f283e67d86d29d5b3629cb4f25e9d9aa28b4756be4cfb7592076f8c06c887681c4b8007cf947073462c7cbe3f2875db07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb35847676337dc1fbd6a6fa2fa24ffb

    SHA1

    a3dc2fe18800b7924bf5cc460c4da25bbdc51f68

    SHA256

    885995303c57d40b72f861d6a8663c2ba167a892ec5884deb87843e97f86c332

    SHA512

    28252a0a816baf67b4974cea0a27369c86143705585f8dc96c90966c7c78369f33e1203ae46fc1b1aac63c7f2f549b6f3b9e62cbf715c7f9ba70e743d278db47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c4d4d67fbc85a7093daf8a702ce1e28

    SHA1

    57b719878576f55bc31330ffd1336582402ef9f8

    SHA256

    4a0ffec6b458f510343b16a283030536980a8421d1d064559ad2c0bc29cd5ddb

    SHA512

    e6b870c3b7997cd6d9c5d0b125d5160b3a9429c4ddcf615352de68d7287009140e0d4d691d1566405b40259d0cd1bbe5b7c6d5b81cffa2acd0c98814f9ea7ab2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c55e92a502bc24ea81ca468f1fdd71b5

    SHA1

    43d159bad4b8fabf3c497478e06cf1320a0039e7

    SHA256

    1f3fb99c845b8e1a6dcfafc8f4bf5215361e58cdf632224478a5ba5f471e3e1b

    SHA512

    6d36fea3f87cadb80c4b9d8cf1791762eb6e1b6a695e5a78e047143bd021d09bbb565faccc495ab456851a5e03618eb84b6cfa9ec6361d81f6338b4626e0f3e5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB57C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF28F.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit