Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

dig.html

windows7-x64

1

dig.html

windows10-2004-x64

1

Analysis

  • max time kernel
    168s
  • max time network
    203s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    d09e894a02358f84c3387593d1ce68cc

  • SHA1

    8cb8a1ddcb3f4b046794f63a1d84b8aa06ef8313

  • SHA256

    7d90151a4f4feba25b5e598074af6357a614693b504315ba40d7c9eb9e31d40e

  • SHA512

    fa45ca9ac329e2c7b6c77c906be372a9c937cea76ce6746eac6aef5bd0d5df7d0572388c17befab595e6b51fe173101209701160e15d6fd0f3883a06faebab9e

  • SSDEEP

    96:dAvOHe5yw4P0VVoIJNaLga+AK3fmeeX+7/16e6eTjeC2xhmwHwAeBA+nFPu2k969:WvOHyDJNSigAji+pFu2JxOivN80

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2624 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2452

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    540dcbbb5505e4aab8a672a3a7539080

    SHA1

    7a192f35321945a07aa074ff5413bbd165c8364e

    SHA256

    839025db86c3a1a01bcdc32ff81e3db6206b82234284e3c3b5b2b4f9fc18eaf8

    SHA512

    783ba5078e5d2e99c06d246a7cfe0f14b415810fe9a3bc8147ced13d027958aff04975bb14ec4647b327df5c765b77cc232268c3243000a3d76bdfcb2550d1e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    769d3ce3203e3bbcc576a3f6bb4353dc

    SHA1

    10f479b39eefec8f906f568edda0830abfafa042

    SHA256

    f224c21275a6d52bf89ce566225638ad5e8c0e3a535557123f0a4e07b72587d6

    SHA512

    d740f9222a07bd20c50bc5fa01ad5d9c8ee30e16a044fb8babc90309f34363e3f2970c559b0499e29701568820cc9269c65eb5b6bf3b97c164b2c43e0947d085

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27e29a2bdebe6be51082ce81fe6e802c

    SHA1

    99ebfefc4c0647e01a7526d85451b5c4265b7d22

    SHA256

    a8ec7585a942e548857b2081928ee0f9ac43a6436ec3e8fa8992f45389904c48

    SHA512

    7b0556b9a893a4e5d05ba32cd3eae70157856925628c018961b06c9f8d8dff2db86954037f2472216e6dac802775bd0b948172685518e82ab6d4fcd30a9c5e8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f821f908ec1a3b21ece11f64b90d3756

    SHA1

    58f8504a7a7940e0150154346408a5f3b33b3266

    SHA256

    3f93ed69a31e396c1b8a126cc99a2d337c98447a73e25ec38964195daf4d2d66

    SHA512

    699a11c14ffe4d13fcc341dbe981d82ad3b4e10d22a8c8f1f0e04ac5a3f55b858fe75803e517dc01233939fc461abbb44450dabb87fbf968345def05b0e441e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    576c5a8572e92288699d619743f4301a

    SHA1

    5dd04418887468996b5c9484a3e08131a2e4e955

    SHA256

    bc04536cb5f7e491465d9b1c5bd5457445eaf2b4efeb753e08bac75b74ea556b

    SHA512

    1bc03fb31a74e552bcdaa0f21367ea701fe5dce6a617f9989a471a0b9858a792173c8c8bda8dee2ad75bf6471fee83f720bb667c0ef425dead158baccd7d9283

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    674e7b493b823adb81d784f7b0f1c1b0

    SHA1

    e0e1f8c6495acc98184504801dc45069d2ae1a26

    SHA256

    48c0743e7ffa25d0fcd5a7b9f461208a2fc8ae7a4c2185df9861850cfe21d6c4

    SHA512

    5f4e7ecdc9ed1a7041a6eec8f48601019ac8545ae51324c5e1e5f5dc269ac6c77f5f9c4f21240d71ddf468aaec7a41153ce675b53b2640751b257d0591859459

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccdea84bfda74ce96e73ac67bb1b6016

    SHA1

    67a367936f3a79ac9ee7f9a36786aa4a1a8a79e3

    SHA256

    7c932b4a6929d91dd84e4b5d6ef90d87917457c11001347623e9b51e7f88a594

    SHA512

    200880990f7326cfc03d046acb996a763044caf122d0e55a3164783a9aeabebd06807ef9a920fe7773ed6b77e63804a04e338821ed74e5a6ebb08535f0a45202

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4231a18b48cb6cf3e7322d3d77e6b79f

    SHA1

    27e3d413b566a237e2274261f57e0d2778c4032c

    SHA256

    10b45b6ea3959d03cd60510f2e00c472ad5e460839fd9b1e7ce20b60d20a3a9c

    SHA512

    39a7debc1e2f332ba186f85576f4a3408e60fa9b869ce75a9256eb73be5bd43d5b5338960bbc9d5af3982479b96efe76d7baf6e46471597e723801d16e8e521a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2442c044ebcdfca1a307493ee07a4ddb

    SHA1

    41d82d6872581636b2de5f9794714c960df2872b

    SHA256

    fc4e6726b69e3dc828c902aa0739929ad1cd2929efd0bf522a0fe3e0f71308f5

    SHA512

    ed8de0aa2a36a779f198677f8f678bd4a65a0505730a7b0e5552c2d468fc9bc33e125cc2d6fc40e0f2ac9286ecd914bdc5dd68cec4606c1f36594a18fe02b15c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab40D8.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4244.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit