Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch07.html

  • Size

    12KB

  • MD5

    e5c9dd0be4ce34354be744c1c8553c0f

  • SHA1

    3117b7489d59589e48e5b1fb182abc484f780b7a

  • SHA256

    dcde66745adf5fd0cf33cd4806a9e903f1cda3caac146458d7deeb6ecccc282e

  • SHA512

    2a479b9c5af6a3a3150083e62ab93fb6ad4ea52a18a116beb1b5559a5685de4015d5aefa732a0c5a119f1374162a51fda6088a79419eae17dd29df29c25c29f7

  • SSDEEP

    192:wyvOHk1FNSMuoTzjbOTtsorrU4k9h6B3frK9hD0PkmP+YCBF0:wyvOErYOutso3SU6OPqm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch07.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59edb742ad14a8b83652427bdd39755f

    SHA1

    fcd0668423d6567540faaeb21c42c016f2906cd9

    SHA256

    811d8019974ef0d7f995eb3f5ab510c48d4ed99b8e6c04b2912b4335622dfd9c

    SHA512

    0ea8d524d7d83d90aa579295af5019dcfa28045b7de23dfe0112563bc475f35090a552ee197ab6c2aada04963229b2bb8b48a8b2a75864800f12d505bd300cbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41f65e23c9805a278c600854f5aa44be

    SHA1

    e8741895d2d4cb7d113cdd008480ca521e745ce8

    SHA256

    dc4dfe1e15acacea6ab7d6937ce8cdeed35c91ac627d0786232356d255621f6b

    SHA512

    f2cca25925d377431012b8a988df6e2a3d959e9ca32629ace80ecdfb9428ade857d531ccd6ab4d862a45b63ea72c420d9b04d34f88a102591f8eeed286557346

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a12c0cde2c9ed9e468d914a21aa9b754

    SHA1

    4a721d4e2ccdcfacd4ac9861a17b1948b241b7ac

    SHA256

    31cab25e5dadd8ed0660380d9648f7458f2429ac58ee650be2bcf477e6db51bc

    SHA512

    ec6081244f3bc53e018b7a387cc2779d1682f8e5b872b398ab5f60302dd123feca678784e4be6447819cfa95c73627fdb818ce96f8a18c35f136c7ad8e5644b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0511d158bde0cce918370a3a29dc4f25

    SHA1

    a11e7ca219f5fb556dfe442e0f4cbb071dd20938

    SHA256

    6edf8e782af6aa4049fe5f0dbb6ced5806cfffba4df451ce270493ffd5382f5d

    SHA512

    e769d50ff427cae23630629b63d33347c34fa8424ee6ea62d70e2f1340285cf6b4e1da504ba6dff54323fc2c9f73aaa9061e240b9c594970553d58398faa6651

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9aa224a7a9b0dd0fc06120b0b6278917

    SHA1

    2168dadc133f486ae53c8648d49def36d9e82537

    SHA256

    b918fa5ddac439eecd67ff06d4cc76625832bb00d6b930da29c01ddf3978703e

    SHA512

    c0a9f9557c5e09e3a31abb939856bbea99cf5a4889984a8ce2f03fac71699881f07f4f541bc670a9dddf2450e26e4e457b3d28fa1035e746a743aba4697df2de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a2e0a0d7306f6093994416161966481

    SHA1

    b8c227c3e61ac30f66a24f79e69f812f165f49f3

    SHA256

    011a3b7c4c775a43e0c3526bd82545f328414b9d98fc3cf9b1b56d430344dda0

    SHA512

    24775262a14226a9745d8e0a36f359cd22877a26f4a77e302839738e6886e89cb2164e9d81e0c7beff5f6aaae601b54bf393f679456e8ea174d0e5e79aba517f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cde3b5b1163f01def5b88e180ec821f2

    SHA1

    56581066d32496651b71288b94c406716a6556d6

    SHA256

    6828934f2657eda93f02428bc86374fcc984a9dfcbf77675438b9591789e0bc2

    SHA512

    fc896f139f614eb809c6e09f2c396e7c594ee3f978011bbf64dcf4a27789ebd3f607bee48c9d2bb76673d8702821c6bf3231b4e7f941dcf6f4984660b4e3bf9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbd80a83a23c401cbac4ca7e1a2d24f8

    SHA1

    7d8cb7fd3793ec1043966cd9d3e040fbf59efa86

    SHA256

    aa4f56e5c37b79445ef900d0b22e5a8f1be602b316a4ac3ddfbfd9f11e111a24

    SHA512

    052e5be4d0c8b151ab20a0320bde2107dd31d5b5e77fbb95f143916b484ec048c1b88793b7d95b6a86138838cd3a3a56b0fb309420d75f07e7ce1c9a55d131ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b15c2d985e263637f569b5c96a4dd68

    SHA1

    44f974c3ca64f24eef84c3b36d21b4c2031084a0

    SHA256

    76e35cc1afe9204fd1b52a4a15d78fd2cf6194ede98d3db19d50386bbd6afc34

    SHA512

    2a49f3f9082c3057988dc56ad0426c5b9abee2da1e2b8442822ff5f7c21af8a49dc309187800e67b69b6a53d799462cc19ab92a68015ccb2ca9c22582962c202

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a82f017c90380e77624344993ec677b0

    SHA1

    b1724bba5f480bcebeaa49f4335674f1f426ce8a

    SHA256

    399f09961af9fb1d72a0395559d28bb53a77ad1b92ba0849fc92c0a0f1c4a07a

    SHA512

    ed022b63cb4bc42c20c8abb9485fd03c676d008bdcea4fd86409298fe171ce20eae82eb9efa155b390ab8bd4105c8e69d87e4dda30d9954b2b0885546bc783c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab568A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5BFB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit