Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    164s
  • max time network
    192s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    49KB

  • MD5

    330b2e4284d1f91220bbb0801ab80b3b

  • SHA1

    fc484743bc99838c9b09959a03c8f1d81fac728a

  • SHA256

    4e6cb4ca2f624228833db4275ced982b5d27e025e678087ae9f638617554be3f

  • SHA512

    f0c92ddc3bfe1dcb287c7bc72bfc8476062911f4e61db852e0b9da0b895ef823ae212965e02e275675241c72ecd4fa20525d2880d9183d7675fb57950bda0d79

  • SSDEEP

    384:yyvOKaYt3Ix4U3ZK1siN8I35lKD3tjzF+JahEbPHYPVijugEoCuHBtnQYjhyrBvs:y0OmhUI6I3mDOJUVijWAjQPg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2776 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2864

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a52004e229f1ba0960f66e55cccf70b1

    SHA1

    cc91bd61e3c551b1162375ca1c393077e6968924

    SHA256

    6f5536e97a4b01cc6254419f4862fe17f7652abbc44393f2be7dda7d94d036b9

    SHA512

    97d2af34ae33ea4475040ea5e40eb3e7e8ae2e4835671c0b85b18b66a88bc145b51039f61b5e78135e3e5f5641bdc709414eacead46f093997dc2f9213113a6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1ea8c52cb4d46a571eb8656c92ea113

    SHA1

    1f88da2a4d6327fda9c04862339194b8aa30d78f

    SHA256

    80a53ecd741ff337b3b6eefd8eeb8393af89bdc3cb424c3ff5ef2cc1f3a87f62

    SHA512

    275d3b7acdd4e18a1b1fd7c503323fe6708470a9e374b547b01665662e8277cff40456f0a044e19198f66acd3398d5d11f30fa239a0a5d383e58d459e66ce119

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f1e7c5a771659983ca71e9f704cc6b8

    SHA1

    818fcc02cd3f7a5bf66d9eae15e4263b7309e8cc

    SHA256

    124c1b31c07c3d9711ab9dc59555228682aa3053729e6400c8d4632a5fcdcb7a

    SHA512

    1633ddcb97c04d406daf5a5ed7c333fcf3152b95a65abbf8f7f9a7d52bc5671f1e77c83d1b589b84509efdda10ed0798fec9beda9383271aa339623ff07c01bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c5f79aa80268b525425efb96b797109

    SHA1

    b42e65e5bf84f6e5de7705a163f24621a76b3de2

    SHA256

    591bb9588ff1385611852106249e622e0f72d52f4e2337a4da6a2c3133912385

    SHA512

    74c7a62e2e3d113aa86b60044f2230057f888d15f3748fd74b829def76facebb08117d8ace3cb5d001932708ef16b8690e8eb9029949787891f78f601da7fad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3055748057e141e4dc7d49e68bb5d633

    SHA1

    6b8eb3bcaa8eef0fd42939ffe1a56dd9b88bd0db

    SHA256

    3993e3c27744d24e6ca0e363256cff9a25fcf700002ae85e2b4fa194e98656bf

    SHA512

    01f4a256ae3039b0d7271adb49ad556d8469e4b25bbfc41eca5954c6e348dd801ab340fa498adbe4c100f420323071ef9413e96d52cfd06933b3c5ac1b8f9027

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3055748057e141e4dc7d49e68bb5d633

    SHA1

    6b8eb3bcaa8eef0fd42939ffe1a56dd9b88bd0db

    SHA256

    3993e3c27744d24e6ca0e363256cff9a25fcf700002ae85e2b4fa194e98656bf

    SHA512

    01f4a256ae3039b0d7271adb49ad556d8469e4b25bbfc41eca5954c6e348dd801ab340fa498adbe4c100f420323071ef9413e96d52cfd06933b3c5ac1b8f9027

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c80ea0970e15785302dfb0dec35da1cf

    SHA1

    57a6b6a48c04c414903c37539c4c816b08c049a0

    SHA256

    5cce9859e144789fed57609b8d36b1141b13f1dc5e4cbd21a325bae7c26e3fb2

    SHA512

    efd1f16cd48e8e63d55e1ceee5d7bc703c9d64a71824fc082b68994baaf9876c31d566406a1bbfedf8b064f2f460ef14d6cc8e664b70c1ec162ed8f77d031dcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d76a9bccee7d57dca0effa657d100ef

    SHA1

    197ecc9f844d41259f748f7e2e3f239e7cccf952

    SHA256

    8d27aebd8411eaee56391ee5e1477ed93a80b674ce014aa9bde277aacb59fa2a

    SHA512

    6fb31a45e0aa140ede56a561521e938137f7fb3c69744d79e34ab4f8c2fef7ec27362b63ad0d3fbe8b9eaf8a236999a31c5b9e40424df2441530700f60a71208

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df7bba372100ffe3598a0828d02ced40

    SHA1

    a90710df88cc1a2fd8d27970505bae4648bd3a8d

    SHA256

    38861e7e303c368eee469b7df43655da6bc1541f945cfaf9ebbeaa5a3fcf5af4

    SHA512

    913f591aaf0f7f841f8c3b93c7ac87e17b3fc7a7fbe53cac9cd408f32c6b9a034152bffb6ffe9321675a2b90a3195a26bce36b10f5b17be15433efc8bcf1e39a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3822a6e1b60e03e735ac82b5355ce573

    SHA1

    b4551cf537984695218f739dd01a2c62ccad475f

    SHA256

    68c939cd73da7a9110120d00747ce9989c92f0a972d3a89ec7903fa9b6871e2b

    SHA512

    980cb8b69b318352cc85bc998649e0daeb0d3357aaab6a0bcedc772045051ea60bd861741ee0367545f4007a715948e10a4b9c4136347918671ff75a219ce4fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f84bd2baef58eaf5b5de9654c5e016f

    SHA1

    83e23d94af91fc295a865857e1109df161a72c00

    SHA256

    3f947fbc73e7c0463835b47e4cbde951ea151cf163d6f00cf3b61ac7952885b4

    SHA512

    3a53c404c7596c04032f007cbdbf30fd088f995487832a6089b87a8cfc608d0eb621d3c0a5767c66860cd8f12c8abe7cd75aa70f3bc08bd793c79a9f954c5558

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D5F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5D91.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit