Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

Passive-in...ty.pdf

windows7-x64

1

Passive-in...ty.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    95s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    21/11/2023, 06:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Passive-income-is-a-new-reality.pdf

  • Size

    562KB

  • MD5

    cf936d3277b7d35d14db096a75565780

  • SHA1

    40fda0085e1b479232a782915e036299814f54a4

  • SHA256

    dd8f13397f1114e895f3850d024aa9df8f09971eaa6c89dcb2a5896e67e43a7f

  • SHA512

    2481343552ebf7accbdfcaac6dda10bc9e1c00cdfaad9ac52f0640e5b1ee6b9dcc656f06e34a74aa0a9fd915237e9c1d48ec2342669c0c80d1b8628a8708f805

  • SSDEEP

    12288:3y26HtSYHo0s3Nl2PviGwu60CW8j9ongrGSAVaQscfeGiFUlARUzNv:3y26HtSgUly/YTGCGSAVhrtnlAqV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Passive-income-is-a-new-reality.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://donow.rimnonstop.com/?_lp=1&_token=uuid_249rblc35lc1_249rblc35lc1655adef71b41f0.52601972
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2092
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2092 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    5a352f1704300a96d7d450489fe32a17

    SHA1

    13b914e63b8ba9e2a4cac4948f17cf4d5807eecb

    SHA256

    b9e1981afc4ed3094a6320a1c0334988adc6b75c166891a82cf3121448833eb8

    SHA512

    9b8619b712dfb58114917e728477f5d337dba3d8fb88faece28772aa0cc8236973af78272271928e41d08fb7300628b6ca88d709efaec4705968c0cab0e7b06a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b0b855db1797ff908f41de6be786498

    SHA1

    5d1b098a346d75d6c1eaed5bc99796d1a49349f3

    SHA256

    8a90eef281983d409638b51741094cd1a277fe13ab68c3f2f75c2742afc3b487

    SHA512

    6a71148ea84f4fc9fbfdf31cf7ab31cd12a09ef3f8e9a430558e178325db3cdc2fd5c4e443e0e60da335ea3c1bb183d85bcb6ff4939a43a7193e334dc2cc69d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e36594bc6b2119ca5ce8ef4dc47f336c

    SHA1

    097de3db8a4bdddfc56323b21d1abe25a626c81a

    SHA256

    73f9f0b6594f000c78ab8d768aeff1368d2fa6422419c417ff0ffa54c01dcdc2

    SHA512

    bfe4368625737fe56daf5c042ad07dd2a4938b7c2f59f5124250762a5f6d552a0afa9192214fde91ee934f3b879350eb1c7b088782818d312dae8ba74afc251b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    061729209600d34ac54231ccae8e29d1

    SHA1

    a005a358d412ec8530f926baf83ab6c489bbe843

    SHA256

    6d4b1d5a0c307b55788ce0df9de5be44bba149aa7016d4727e38fee09b95d0e8

    SHA512

    5177d8ae2f9b070f7cc0ad4c7551067c77b59c51b384af0c8dcc4c06465e192e19f1c8b800ca58b92c6a470ef4b34f827a220fd77d756f58806b076c9a790cf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    331f9ca007f09da62b26201c1a1c2a8e

    SHA1

    7928e8350d8e339cf9dde993014e6c797f045349

    SHA256

    c1ea03336148b641e47f7bb1fd7aef1ae8abd308e9b613f51c2fd6dbc307a953

    SHA512

    676f0dfde8add992f7f74bd92a31041c509b10fcf2c4634bd933c0421abc7875f89b929023117feb1cf8d5345bce6b1b7717338e536c6f2619f0387cf82b5340

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    66c98dc7085c5f44cb69e4bc21a23f11

    SHA1

    aa52f7e9437739ad16172a36face7b57a3cb8c9b

    SHA256

    bd63e554808d0cd7ab9ed69a51a06afeeab063cc38b2425bb7e5cef0e30c1f1c

    SHA512

    59da88f3f51701c8cdbaf8c2dca02dbd048b4c92dc3016f74cc10a02f979a8b319f2e77a38b007eb6cbc538a4caebf4ae4de665d6e579f1332b23b327df76c42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    241dc25c55951500230d9afd40463a47

    SHA1

    535104235d4e21f617a7a468a5007538a5fcddf3

    SHA256

    56fb0ca08a4f4acc517a399882d8845a8d800f46f05972e79e259e120a22fe14

    SHA512

    19bcefceb44e27b7466c9ba79fe903f37818516c3296780df450538abb2db0bbfd070d32dba8e44f6607201fe97fc957ef33382a408f03f17aa6b2525eca641b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a9ff470eed916f1df1df6f8a5e7ec44

    SHA1

    9507c8bc8a77d7b7422c6dfc3bfef19b16582226

    SHA256

    fdcc6face32a0605548f9042fd76d4187231113b0e906835ddaac63e9b549601

    SHA512

    b38cd4f466bd5a90827590af17a923a5b63c50339bcd0f718a22b1ac123adb4b6494d9e47629532636639c13b7873d97ee4c38b2fb5d42f71b5626eef908ab03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d0a6345372e815fbac82b2967579eba

    SHA1

    cacc2d82f562f8834282c947cdc350808a482da1

    SHA256

    458edacc9f2d75d7657e48113fe1bf1470831bcdc7f1245fa40742c1b73b3665

    SHA512

    4f7c66788460b4140acf0956aa9e161a4f0c3eb7ac4bf19e1b07c295c8cfabb6c995ee8a8e1516dfb320787c75c979d2e65bccdc85bd575fe914726efe1882c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2086d8a9098fc20d5383adddbe9cf47

    SHA1

    3c58292462a711e99fa8df3cd1ec31910b73e63b

    SHA256

    3a89f68f918bd6169633847e8beaa6b76d9e80f172a145db5bb4a4085cc4d75a

    SHA512

    777122a725f34897991c69544501e90ddc10fe32ac1f3ff3cf9b2fe2686ed877c6966444521330be6c92a5415715b988a7860bbb18286c6378c7fc7adb86762a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e48ffca3f510a0123f497552b942aeb

    SHA1

    887ad185132d480edcf76b71feea6cf09cb6c081

    SHA256

    f8be358887e7d456c55f10ca75c51299ed1e84334a076a80cba602a302345fe9

    SHA512

    364db5aeb43a1fdf3728433324e51845beb6c0d5db0395c54bc9e0f4e8afc87dadef097a28bd188f6ca5bcf0dc37f199af4fc817317bce5a4a487cce68f3825a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5bceb5702c4fbf8965a90b022df0d5c9

    SHA1

    b2cfb29d0b7158bd168224e6606f45ffdb09be06

    SHA256

    130129a4e3d3fde9f2be2389551f4018f133f59b08d60d0d5ba403aa919af1b4

    SHA512

    d5e907ea07f0eb5cde8987ff4cf2493f54b375695cd521cd191b518bef68ab9afbeeb4d9d10eb2fd208925bef5cfd7466e56935ad117c6f38faa3d0e426552bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6e49ca9aad8603adeecbabce3e1bf7b

    SHA1

    81aa4a99e9103951e6cff5855fbb5698676cbff1

    SHA256

    674b54513b6ddedcc97412a607be4ebfeba68dcbaa126fc32cefd0197147c0dd

    SHA512

    1656d70300234dfebaff8bd17edfad995c3fe53df5aef065fe528b6c867894a55a831a003b0c0e0793396f656184cb960aecea3181c485162c1dcb1de24a31f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    621f035cb9e247b55fe57ca1f3c6547e

    SHA1

    f9c876a4c0243ee3af4621b98384b397faffc52e

    SHA256

    75101facc69b6922456466f8d857218336ed74865f44816f289b26b1d1db695a

    SHA512

    b0f4392c0167be87b860224ca224c19e029dd3e87704020bdcd44ab89c43c03ef19fd9ddbb423a4716b2dd952585d54a1266bb07536eadb3e180f3c85f632193

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    7be30cbad2be8cb54b7dc9154fd119c6

    SHA1

    b6bc311c766de2f28aa08c61ef87f7a249b2ca60

    SHA256

    f3b587039e0903696335d9fe14dbf780e778d2dd1f9849b686931a360e0b3a10

    SHA512

    83a1947deac99e9a1debfea4bcb0e05da748d284ffe14198a35c1db7d83d4b86f3f0a73b706da62e1fac7dabbd50c4c0f96d6d54b0c13d7ac2d47c006c6d3a11

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB02D.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB070.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    05ef01b7e88d6ecdf8052b64f0aef5dd

    SHA1

    4a07038b5cb2a3184c141327f7e803809b62b95d

    SHA256

    35d40e789c3ec9319c88b319b057d4a9f229fa4077160b8a815be951d2e65f11

    SHA512

    4d48e5f83c096c447471aab23407633cfecc8acbaaa1e5c070e30b9be39c4e22ad7a74c5e20a36dcbf0acbb9b67dc5b8cda4df6c8104d36fa4f0d84d2d709172

    Download Submit