Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    591KB

  • MD5

    5ad5962cea82bf871d30898990213186

  • SHA1

    8c125bcf1b90cff9dfcacec089141d69112e9644

  • SHA256

    2774f01a09a469b3ba03d2f9f5122a0468a8aa47f241bcd5a3a0e6a20c6140ff

  • SHA512

    622737d8ad5111721ea1710ad470522995e9abd9b5df30aed598f77bf517c0e9cc48df1f1bd0f3adae874a877305ce692d28cc0de74eddf3178479885e885aad

  • SSDEEP

    3072:n0OrOrxK3CniEw/5OSjW/CMAfNVlnXSKHBm6qiemSSNsnVQsVI4nWVGCFt5RPOTP:n0OaRiEqOSuK4i1SSBVGC5RPup

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:284 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6dcf8d47b89ffc56cf029cfa6904f0d

    SHA1

    3eacf765c0f241230b19d803bd07915efaab54c5

    SHA256

    c3600759d3c0b3005fdfaea1b4ef3558a0bfa276528a95185a2c66325f934dea

    SHA512

    f12d418743e3ed94369050a56fa6560044a30afeef02154c707d31d48ba86a834f5afc2388f4edf36f2d4fe980c7859f55beeaa8517712ec414e8ba55add1248

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4040fc5be87cbc11fe151ba36b09014

    SHA1

    f9a6d4e2ab904583c901743f43a2b091bfb9a8af

    SHA256

    4aceb7409bb3e8f4294aa60db6f4088f8b2fd201735af1aecdfcb03f881f7af9

    SHA512

    88cfd2286721f3ccacdcc9422b42c9a2a3d3b829cbca911f182060452751e7fab837fd29c4f95bbc0724c8d01c30701919c31a8e3e88c06a51ed76c81a3b6f2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f755a0ca0d474429ec7c6a68f6fd1fbc

    SHA1

    58f1b0b47086c44b24db3ec3bab877233b69431f

    SHA256

    73e816ea0dc4879b5728319427e56a28cdf078804a5ecac09edbe1f36331aaf0

    SHA512

    51960b531f09090cfe7f52dbffbb8ef817d6502eb4c4e18530a00192a9bf26987ed5e1653ab3f538378f0ee50bb9740f76237bcf9c94eb15235372eac61b1e5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0bc99dce15011584b1e06f7969c1858

    SHA1

    51d790ba39d1ca0823e913a674cc04eaa61feb41

    SHA256

    883b4f3d4c15a472406c9afd1c83f206d2a81212fa58917a35ee7fc652b46095

    SHA512

    3cd1f81f7407f4e25cdd3c43d770a375a4a235fca1dcb222c02a7cf3516df19370cf3bcece9a2071fa8bad8e03fc3c127939d4abbbc234cda692ed17e64d0b4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    296579c51561662da82799b52158bd63

    SHA1

    ec6f7a5e7ff3c122a2546189536f63dc6a072873

    SHA256

    79901fed932d494bb8026e05852a31fc1a47af8313b7f5dd702ba8b6b3f19113

    SHA512

    e5d573d06b58db06c049d0fa2c06531c1a4b8e2f614ce99a535feac667d101eb7d40e5c5441f474f2676c37efad6ade88d7001f0826e9e52a1bfe222f8d4e71f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f2593eb3ef4a5932ac9a2d60ae195d8

    SHA1

    8b59811afa8154328553b7b9c3882db726faf969

    SHA256

    e673bbe52d91d2047b7ff43d2dd3218dd0d400d69ce28d043de9a326fc201cc0

    SHA512

    493f22c8abc4319284991cfeff7e8ec717629ec99a98790acb58d2fdef33de9dac1db77209b3f1266dcc55fa861ebab6fb4b8d3a3bfd0332be35bc2d8f5ae04d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51105f9b92aac199c798c6c558f9a7ec

    SHA1

    9a86fef1bce3ff4665214cc79628b94bef69d8dd

    SHA256

    a171f8006492d74cfde2351a84fce82ab54ea088fa62a723ffe3739a3a728262

    SHA512

    be7e2ca65af1afa9c0112e079d1f6e4d0ea2f73ad417578ebf9f175aaa0ff215cb8e00d8d53273286ac5ef61a4ddf0752a1128e2e60b86c2c1cc79fa4e2b20ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15c3e002dd1d6fcc441c17e0cd3b99a1

    SHA1

    9ad03d0b79f3e45a20bf911716e27da0c2059667

    SHA256

    2fb0fb66f90e207a476d67aba41a1c3c89f57f81de3254a2d08d900eea5b09d1

    SHA512

    e2e6b458568ba7bbd182e1ba6449ce5382b78d0e49ecf300f706697a4c8fa6605fc3e75c0284e8f2cd5a443fde7a7438548f8c770c0e501d2bcad319c695ce2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    510b4d45e03f319ce57749cb6930d3a2

    SHA1

    2c3bff923f73618c7684f743133a17cfef17f2d4

    SHA256

    e39730435d7531ec7c1648e8059fc45501e337e881ab77baed715bca3c2fdcdb

    SHA512

    207baa629363851954db7253a244c0e76b7f9d8e3db2a80de9e2fb95f99e45d3c4ba7743d12d5786021b0eb2b871d7f3b9875ec290a5139540df60a4cfdc04c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    510b4d45e03f319ce57749cb6930d3a2

    SHA1

    2c3bff923f73618c7684f743133a17cfef17f2d4

    SHA256

    e39730435d7531ec7c1648e8059fc45501e337e881ab77baed715bca3c2fdcdb

    SHA512

    207baa629363851954db7253a244c0e76b7f9d8e3db2a80de9e2fb95f99e45d3c4ba7743d12d5786021b0eb2b871d7f3b9875ec290a5139540df60a4cfdc04c2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab587F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar58A1.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit