Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

dig.html

windows7-x64

1

dig.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch07.html

  • Size

    10KB

  • MD5

    da78467f0d7029f7f89153517be2a5bd

  • SHA1

    235a617b817bfc0c615153a9d71c04e48e1c0e2e

  • SHA256

    8b1a98f14c3fc40744ba88de81ba1dc5d226afdba7d6bf350ad42dab46efd105

  • SHA512

    10d14c8441514e9ead4b537a7af0951a3f5a41d8b7a738da3e966ab9b67856b2c431f805372336faceb1634c76ef611c6fd30e7810c14f8c5ec25c1331a854e2

  • SSDEEP

    192:WvOHv1FNSMuoTzTbWZKyr1770CdhEBNIorKtHamLdCFNoYCBF0:WvOPrYOGKyFtqImaC/Qm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch07.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1980
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1980 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1be99237e2061e3d42f13044e2bc7241

    SHA1

    0ace8cf0490ad99149e4254b4a4de6d2322f9985

    SHA256

    af0b124fe8f7f83709321e2c4c92a93f8ed811444e7a1331388c31c1715053d9

    SHA512

    81af671e296ff0cf3b7e8458a3806e9af4069e670ab6757c9918823fccb996ca425840fea998d2ddf6c2053ec277e379bb00f4eb43102ad400b6e0bf2098e89d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8689e2df9adeca7cfc265648512faa47

    SHA1

    c62bfedc2254fbd30d07c514e85a8c6d44d9a590

    SHA256

    b631f9fb3ea00477f1981eeac67c39e34c48dcec4a2dbca1627d6c35eb69d6bc

    SHA512

    82b831e7bc311841dab947b54521be8844cb1f6323cd83b9c91f2d296b6401450f80dcc2b2e02b6e2d610e3dd04d3a61c4b005abba43dea9a1db1df6b3aa4bc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a774fe5c53104615a23961d27d39552

    SHA1

    5c5c68a33d7bda5197d843ccf757d92188f684c5

    SHA256

    dfb21f96032e7c9128972f306e75f6bbe83401fdeca13d0b22c723eb77899faa

    SHA512

    3f55a18070d53bb4043bc2838431013453fa09f523912944c44f7398488682fac1ff0d5f73e92a37068c26c06106c6fd374cd93edbbcca75a88fd32bfac2d910

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cbd744555a5d979cf544d155fbd3d12

    SHA1

    fd5e75fbea7d02ecc32f85c182d71b38e5310973

    SHA256

    220fa69150ee55bcd819bcb3a225a0ee2766d61ba02c3f6264c67d0afb84225a

    SHA512

    94721322bb96de7a76bdd181df601e1d04d3c75c6a6b68870e86ed62b1f190b492ae48d655848fdbb2f0d3e695c3d2096a8646aa2d20a0756cd760e64f03c995

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    585b354225c63cade8f71763f0cb79aa

    SHA1

    758c50dce861f72ff4558bfe4442437c214453ea

    SHA256

    37a50d903f1f0806328f2ea1c8fc69a58b9b3c70ae6676969457677fb05aec41

    SHA512

    356fa2542b217edd4514e9d1de4aba8195d00c89e538b38024b85be38fe90226a9708f1502fdc22e0f5dc011ccf15a1dd97a90f7ff15564ca525633a3ae96302

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b68924ad186115c99c5ebd438ec3026f

    SHA1

    423e751f463e7a71ff1af47eabe147d78a7487e4

    SHA256

    e23b5a4a2c670e2908aec24bacd46bfbfb9956250b9b4fb99ebe3ea8b9155960

    SHA512

    2c89d5a4a43fd73a5609c8e39c09bf40121c68bf47514d280f207c30d165cb96df67c24d8e53f90c476953c596c84eeaecf24a381f3aaf896dbbde58362776dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35311c66ad5ce17a686856083f1c9fb5

    SHA1

    6b0dfebe0636d6f562a7245e1a81e81dac97303d

    SHA256

    1a35e460f98c8482b6d8e1b1c4c6d4bd4d7ef04e7f921f706f0eaafe253fe0b3

    SHA512

    03e91ccc1f1bd9940e29587f6f6456754fd7b015403e18ac95379bc9487ce3d0ced58feae7bad141ea8b422bcbd8a87cc3179d00f952a1e170ffde237e8ed639

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29497958b9371735886736836506f99f

    SHA1

    8e8d89a30b068c5058a1757bda80a53273b38217

    SHA256

    1f254272430af2573c92471a87976ec34fc42951b341d96932d619334eee1443

    SHA512

    399ab22e3f55d4deff0de7506e18511b3b6a3c33dae26591be9f8388c2b638fdee4a8e695480fde3c7f9eccf0d175b52e34cde0134572a3161ff099855bf37bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d8637f6ce68891bd1d2278028bdb54c

    SHA1

    2ca61035543dc7ee2026968ad5ed0d0a8d32cf62

    SHA256

    9bea3cb32700d7ddf3805d637a8f77a2a7fcb19b55b466539d84de0e12338955

    SHA512

    462b8bb3781b2ad5d5189da93ce21ad67f233967355362956b7d1c8a7cf112fd44faaf7e513d8dac1b2dc81e7c7aa5b15453844501cf56ad18f50408f2851535

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aafd6b7534021a3e4b3059c4358cd43b

    SHA1

    f420a1a02e27f9666a01fbfb9faab8aeebd6b3df

    SHA256

    cba949cfbe42335f9a6b2981033b7828b14c87622e32c977814c3c522acac189

    SHA512

    9f5fd8de287f79053dcb930b9685c17a32f33b3f29036a1c21abbebf8484361d58e6f34adf34b331e4b2a0610567e39a2e3534ab6d9d77d6daa3d03b79ff0aee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14d6b9e550408361766b98e459d46d83

    SHA1

    fd8b72fb20a13657fe9a4380343bb312910c93f2

    SHA256

    eadc2f89f2538558e603ba42834fe0f020d6ced6dad410a971088eec3d80d09d

    SHA512

    6d51fe07bc4f0c06ef1758a898d0f933ff2ca2b3d289d6bb6af280f5c8ad8f4a5aa872af135adcc74ecf5e8646790a8ecb8170f04c3a517126695e132b19e95b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68e8b7f563b19bdc6d12d47a7d11a495

    SHA1

    93c01175c1f5bedf7ffb96a89e479e67383d542c

    SHA256

    b721775d158ea118cc7c13c9134753883c5c1c2b1f1059c5da0544846f5c60c7

    SHA512

    dee3bb95980bf89232d8026050d63fbbc75c74c5a736f77e80b2788ac969031dddac655fb50cf2f519e5fd5e5faef8982ef4f23b9c4d171b6b34ecc38bcbff2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb811efb19f85567d88fb7e17c097573

    SHA1

    cdb9131947261b98ad06eb430cea7540ae5eafb3

    SHA256

    7d7274b47985f6e144bc597bc8c8c604ee90effcd59079a0a210c6e9013f4dab

    SHA512

    4841631b6e4d0833ae7c8b7d48763fb57a340addd6bb1c69a060a70c590d66b01b955e848679ae2596e6894fc18363410f60b9d5ae7a06153cd3b50b430f7aa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b47448f4a292e5e8d37d92c342db3c54

    SHA1

    ef6299af010ff1c689de7e874fd737d79fae4da0

    SHA256

    69b6f2fa0d09f536145dd9b20d47cae02b1e12574a19fe4c09bf07c12eef6c44

    SHA512

    2a8b0238f7abf1491003542d08c2fbd5b0a4a26d815325f4f51df8485769394049f5d915cdd7f8491a8d7b6357128c085e35f5c1e49949f53534d13dbfb1ba29

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE64B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE6DC.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit