Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    160s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    37KB

  • MD5

    a12e2791c0443c12a217ca345948429b

  • SHA1

    22265583fe350ad8e668e80def33d570161366dd

  • SHA256

    0394cd0457cc9bee7d9403fef688135578c9ffa09bf909bfa41004a48a9f6e81

  • SHA512

    498f71af970435167777957c5f4e8224adc19064923670c5f646d1764d811915741a2a5bf4481b2c84889a33e50d73c538ddffb1e90c943ae1b778a48511f2ef

  • SSDEEP

    384:yyvOHdYSR/tNAyxMIbdjSO7vzpkjLTq7af8GeGDg7FIRw4q/h+fYG7khERr4q5o:y0OLtjxTbdjxvijhf8GemgLp6Rr4p

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2832
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2832 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    400948673d3ca4d40f9f3d06906502e5

    SHA1

    0c4ac6f297fd0709c80e12cb7e9274b576d7da98

    SHA256

    84280a089360bebf0281d0b81eb05fd3bafe0581e98acbb09044ef7e0bd0eef1

    SHA512

    530d14ae265e27fd36bf2220049909f9a911c8c70a1e73f538b78e2d8e03e25c829916bc9158b79be3b604d39095a0cefdf1d9f51d4e9ad2608b40063e561814

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39504d0bbbe7ef01271670ab6f40453b

    SHA1

    98d83b9fd99a41f0692e4bde43a7b87b9a6db4a8

    SHA256

    0c63bd18214376b254046680afd08052b285a12596d48388d5eb52bd9863db67

    SHA512

    7b3e10915c9284973c92bdde6c5527c08e4f8d64b8c58a4b58711558a39db6a40a86dc823f2054165f1ac24f1130b6e4a90e690d8085112e9cca67669c57ddbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc1c3fa9385f276b864d959ca0882878

    SHA1

    5a918e345b2db09a3bec6c2e03612f3bec315da6

    SHA256

    bbb9db846395f27ed11a6c9ac7a598ad3079f0634c15374bd8c8f679e0811c15

    SHA512

    4de1519e7939bb55ea4e0860964e827a8b9389edf788e2d475d3cf15816beb5d8854c968fecb76b50bed84fa4026fe752c1fbc4e0f2e0ca9eef20dc6b65b29c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62e543f1bda5f1ce1744651f36d99458

    SHA1

    58d6f0dbc4dd649086af7a5a822a6276fd84101e

    SHA256

    a032d2c7e57209ebb79efbd2d580da079056f091e47a6f4b3b2092690f827936

    SHA512

    f1b186aa885c58e7dd353e0c3a70817790f4f606c0da8558357e4e2c06eac41a381ad186464708f38af30107caf3c8da7aa0203f24bd0f91a39b83f3c9211764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87fc560d24f4ecc0807e15e30d63e9b8

    SHA1

    30e08493adf40542ca2b7ab735f0647c7ca61932

    SHA256

    1fcfa1acba58382cec93bd59fabeb510026293811163e0e27cb706a84d716b5d

    SHA512

    832e6d8a2718dfa4bc3411587a120cdf4c6b5f5b77f11637feee889bd613e60256a16bffc39b3bfc0bb9e786ca83cebfed5eeb9d022d4fc51625cdac7e215350

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b6b11d312832cf5f13c23570935d03a

    SHA1

    b43f1284391b0ffa09f065bde2d68fbe40831630

    SHA256

    557ee797afb4db7e3e8490d9ee4696c10ec06099b2340b240b1a8bb35d14fc7d

    SHA512

    66af2ab0489a28b9400fb4fcfc7c44edbeaf6aadf213a8c842ac718220cec31ffbcd52244e916e1307a8199942389e6a432a90e9df145cbbf7e06e5def648a29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3926b68b57da03ced70e322a88228f85

    SHA1

    c0a57f2d1cc5254b33fc49d2fc31ed015c1a6576

    SHA256

    ab8d8ce7d4a5cc3929174062e8463a2dd61e745f5b4ef61822a01445189b301b

    SHA512

    1ad69f247ae7bcf73de383224217d1f0bc25f2824e862ec25cd99dc8da1b0eaa805806ebfd00398e029d526bd09847ae34ae3322f53465ffeac3df42f0fe7119

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c434af0446262f7f2c2b8b6f4fe6b0ec

    SHA1

    956e81b547ec8a5ca62d61bff3105b5b05a450b7

    SHA256

    29e2297600d4fd05a5e8866d84279c6e389fb45d6539c99f245b14fa73082361

    SHA512

    86f8cde0d8da08595c3d27e3fd59c29f4c4b69e019579b08477436b1d9ea898d7baf61c59d667de219529331be410df664ee8ba7d8b8d14850b4faa7666162dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8239281fdb5c4b16f3a0675503580f34

    SHA1

    1376751f0ba897aca2e1e6638f89f78b249698b1

    SHA256

    05ceb0061c7df2ffe2a0a05bd5e3d4102c21817bfe4d27b9e6dd09527a223949

    SHA512

    44001b29fee4b34eb36b44f8e12b29b22907f9c0ea88a966aaa4dc89e9f41e69edaee2fbc1e586258ef4891bf58ada7f6ce31f72c11a912dc4251514fe7354e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b0856eff6df62ec2cbd1dfff21c7d8c

    SHA1

    fcef268dabac0a7ce83aeb63280eba8da8484357

    SHA256

    be79cfc0fa275beee70ae3931019ceb97054266f3b9bd597288416b85cd9e8b8

    SHA512

    c85d8098c0c7bac946c56fa333602aedc481cf95fa99eab00aaa29358515d4c6a56026f317be09a42e845f30915f841e5efc2eebd09500041ece7e57a51dbbc9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A37.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1B06.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit