Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    213s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    426KB

  • MD5

    b98a17f1528d15127dbbd1bd9be8c153

  • SHA1

    ad5a1306d6735371214bb8b493eb5f6e4227c408

  • SHA256

    4a6c34cad30161611b6e57a051d470053ba1ae66297d573ca259d8e31e742c02

  • SHA512

    635ea20291b1c851f19c63f806e2732510a809611b2e99d40a7e9604f03c5b8a0bf8110674f9d2083da2e9881fa5acb214b2e39f0bd6fa118deb5fd2799feede

  • SSDEEP

    3072:y0IHkx37TURzN22AGNM3f/MWpOSW4SkR43oeVpPVGCdt5RPhW1:y0AMUr2v1SpVGS5RPU1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5a2f6d539981151c2cb9af7b3e31f15

    SHA1

    7161bef6a462b9cf9e5a6c32be0553795dc2422e

    SHA256

    666e15c6ed6f45f40f9db0112ccd265abef9753fdb37edb0fbc1f5b99ea44ebb

    SHA512

    550c5705c13c1ec1ccf8e998e9b485d637abbc37daaed3a4570e0922a82adcd387cca90f7d8048c572574a25573fd7362781ef572f0d06d5aa6ca0935d45a476

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f3be8a7354bcfcea20ed03e0f5576df

    SHA1

    3efab347d255c5bb3cb847008e8195b97be9de36

    SHA256

    83adc82980700ef98681721dc3358719ef6d3167e30eff2b6eb24b0712476ea7

    SHA512

    eb5c237d86f5278c2aca9a8c70d27e1a0934160fb42c7048bcb4b87d95d41b847860f031c379beb3d3d089e53b657125e39e2d326d2991bf3355168fb0b3097c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    345cb229f79a4e2903fad99cb7c4a19f

    SHA1

    88d645b7513bb2641fa99a9b7f78147748a3034a

    SHA256

    6ae8c550453f92eabd6d5ca4b7e4919955dd2c0d15a484d0b13a46739b4a91b4

    SHA512

    104fcc85c24da1fe7e2bda609cb9f8c45943ba49827c66b5e720753b44c54f6a4dd65f6b882a9df28ae06decf7ce9acc9906bc793eabe8566131e9af6c9cc5cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55e8f8123c93803ac437a157fc0bb703

    SHA1

    dc9a514b7b5f6d7d3d12c446c6b692521e0a54b4

    SHA256

    e8039237efbb41b66a085efc4be3ee66459dd5249f48db2c2a4b719f84995657

    SHA512

    d83513628e7eb12d13b658f6fe3f696727cd394960d4d7cc2fe0118811e995493f65addd084c70a56c6fc63e0ccabc2921214fd2013b29b5a11f686ea6156973

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af6fc5be0d54bf89f502f529df58ae0a

    SHA1

    648c9cad6f4f4d12fa709f56550dcb63e0dfb007

    SHA256

    d94b318f67a316b0e16257c3b7523ef95802842ac1d80e0749e0835198939fad

    SHA512

    ad47030967f43dc3bac30a190112d1d8bbb4d2cd9991b6a58e6259ba16c84f03ce9f884a83dd3cb1ec5de3a71a8a054add7342ef3f5eada038f470f3811dd571

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36238bf15e3b24711d6280d2c0762db1

    SHA1

    3e8ecc5513e32566df2d91833d94ce2e010155fd

    SHA256

    610ecaa25b96ca814e8ca82b10eb25e23a72d8132552f771dfc7341ff9999027

    SHA512

    dd60992f8d7a480a0d47f71cbd3bf7dbaa4da969f895291eda65fea56072377fa88a2b6f830f49f8725f29754d86538c37e6a2eb7f42cf9c28d392cd102fb5d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    210ab10276f756f3f8d7a99909803877

    SHA1

    7e7ec36893061b59a0131eb7d835b93f30006934

    SHA256

    ec70a0930347c99b1bde33f40186320f66ec274edf6f542ff0bf55091dae6b92

    SHA512

    76802e756038f4fc184f996dad342e8ebc4533c273a655ff597e37984728f48b1584011dee38b463a97f41ac60e459e79cf6d98bedfe66236b46e84e720c0a58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b132ad37561ba586df3dc416c46da0a0

    SHA1

    4fbb9a713a586e6de0f3d61426a0c4d9af208cc9

    SHA256

    5e8202dab64ed1da0e916b3a799435cfda295266bb53af307129a18097611aef

    SHA512

    7ac232f5c92b5e2cf14231ec0ffa4a6b306246c76a58add8ba504cb5ce21872fcb4f0b300f324b1103553f38044d3df36319ffbcd348f06f022f35a41cd968c9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6C0E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6C7F.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit