Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://nl-xtoolsx.c...

windows7-x64

1

https://nl-xtoolsx.c...

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    11/12/2023, 07:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://nl-xtoolsx.com/ip/index.php

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 50 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://nl-xtoolsx.com/ip/index.php
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1952
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1952 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    d6d4fd8007694baf74548e6488ea0190

    SHA1

    cbaf911768f7a321f4b671973b40487afd43ee4a

    SHA256

    3e4f89e7f8ca4f6ae51840117d7d8fcb1320a8b6514928bc63fa3447d9ea6646

    SHA512

    8ac8e67e38c6188fc7e9531148072d03dee8e4bc4c573833b57bf8e0ab9b147150a5ffbdeea60f214edfa5bfacb79db1ac477fc3df841f8389e407f6e2ed2e4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46f90e774c240c6af0a49a9aca0d2fd7

    SHA1

    4be2a4d3e340981ae58fe65b0b5329467237ed51

    SHA256

    c4bfc37a56d0112c8dd8300e1dec14f64510b426466862e1d9673ff22a203587

    SHA512

    4f753fb1ae89639217b986a7281c16bac60b5b982594e95dfa4c33a5280238927321c75dc21208d2fe879a786e6f86726aefb173e6676a22e5dbc44af0154796

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37998a217ae0c27a2dd85f8b5d6cd0ab

    SHA1

    3e7f86ee9e42f8e62b3b3b0901382b33559e3ff2

    SHA256

    dbcd956e044af4001d2111cb5ff8a427665513d40c97f8ff0d4796adb62640ac

    SHA512

    52190a6a154eb6d64b5a2781ef82f1fa11b86ee085d0ef3fbf3d2d0549eff4af75df1c1c8e7918c7764cc1ffc9ea65376572948c06598025db7c173205e6b48c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b100475afce26e1daf2e20256e854162

    SHA1

    1b6ffb4b03bf711c130750347e6c0e3f3669bb1d

    SHA256

    28baa9a8b70cd3b53af235d26dc0babf11e01fe1d978c337085e64a05741461d

    SHA512

    d74dec5da0f9a7258a81a2d34902401a3287fd97db47472dbbdf7afef3c3e37533ca79746d582c3a6f128fc9401d35a3a3424c42719aa89a4b658a3daefa8d6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edfcea03316478bd3b9c60715c3f3398

    SHA1

    ea2e85b2395a41880cc9f6b9d9d717a9220c9f1f

    SHA256

    e8253466cdcf33571071391aebfc322f1163d7a85f493ca2352aa4b5a1b83b31

    SHA512

    4058d748c95839146938a344a9cd711244d906c5c2e04d17c9bcef579332b750d20a737a89eccdb22b89c2276333093239ddc1b74cb432039a8b9bfbc565a138

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f20123b205760c565c611a49566df2cc

    SHA1

    29609c7b14898fe939b3108963ff6bdd4b56aaba

    SHA256

    c9b61455b2b8804287c1311f56fde7f9dbc3bf602c1de39997675576eaadd1ad

    SHA512

    6f7eb1d6310334e3e1f85034177a6354efd0a10b48c6a0986d9a3544aa8fbce5ccbaa29b18ce3e5f3150972015c114896201701ddbc1f53d70dda39099b6e78a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e0bae5ab3880bca12acd3be17537d35

    SHA1

    59d1c35ef23b436f943403b52d7e55bf547a36a0

    SHA256

    00accc7695b9d2ca38bc496ecc0243be22aefcb57cc61d690ef8058841b5b196

    SHA512

    48ee996540ff1d4c54e27eac3313c350d6985f25ca062ea47894a9581becceb439895a7f36acd299428147dd2b867bf6b522d83f424085849d316bf0382a4933

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14b522d9e72a318426c06aef9b83b215

    SHA1

    7ee0f5ca740d8da7f7203fe5b4e7442f167b1f99

    SHA256

    c8b09ee0eab6241a1390985d4b00fdf733446a5f4e42386b81e450411db6a767

    SHA512

    59361e8d2493a2bdc9ba9bdc9c03dc975e3911bbd139a45a7ec397cb306d806682a85f2058e5e40cbe5166abbb13387a00dd1e3d5215254d967a7ab7a65c8358

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2122b24fd323ce243232d56d1a4beb92

    SHA1

    51a72ce7715c05ff21f4acb2eb060d5f470d6845

    SHA256

    84d750049b3d96e940737a6f767da962aa8053eb61d2dfef0bb8826b899bb1de

    SHA512

    2b176c7039ce45c7335734b8093b735365cec73b89430c17cc0438555902a9909a536e9825724c3bcb208948e1d790110202480c50497a5315575b1d58a842c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ec91735b902f3d7193c25182d07a25d

    SHA1

    1cdef0e0d33187887daa54fc968f5dd6c48ce86d

    SHA256

    4f6401b5c79f018577f2265c0a87036b65dd6bd85aaea82080001107c85ae6ae

    SHA512

    ae66ddce92f9a0e6fb468432c091cbc3b6e7d0f39404fec4d2be71dedd7dbd559fbfd64829a58c625128e60f36d7ba2e2845608fe95fc5e52e5877a62f85a9d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18219f85b11b25662160dc31125e2201

    SHA1

    761821f07afadce36f5b743f7ad1e8eb9bf0bf8f

    SHA256

    9b70f1011edbd5a88493be193637dea21162a14ca43985390bce5818f15979da

    SHA512

    c3bafa4b32b6256690f3d0d7555cc0834dd0ba2eed04fe6dfa4667c70c0a5cc710c32d217c6cd23ce6549f4ad218696fcdec53d0582de72c37a44ba83207422d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ee232603b30017aa3a06329f3ed1ecc

    SHA1

    6fda91bfa456290bc17ae1032daa5024d2b42972

    SHA256

    d999d6b9ed7bbf6bd5431d025562c43fe1bbb782c92277fbbf3b712423f89429

    SHA512

    519d7d43d12f4741d83ec46adb05d62b521b52335a20da6d5275d5d62ec149c28e92417a540f0ad9a4f80d8db0ac298f1ff1605e6f62d3beb2f3811cda6d3953

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b70298f351bf137a63b495e9c94487d

    SHA1

    d4d457eda759ab7cc4e55db1b1b5b86843da30ea

    SHA256

    0c51bfb6a8a87812b6e76747ddf9121737423c73e5e849b883a0ec0202f5e142

    SHA512

    2541d2fb1c40cace6be1e816d301f664890148f57b6f3daba39694c0dcff0f20d7e28b30cd70391322edffed0dd4490fb24218b9b01613b35948a0368d12ce8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6689292d2313e6c1a4912d22fda3e624

    SHA1

    ae03b57ff54e7669620bc93dc3ac0b4113ac0abd

    SHA256

    380b07ad1d877b47dd1c1779cfb808030c3d708d8ec523af78e25653af02e059

    SHA512

    625c00a89760976e4a568dc57574a3218f29166d6b482459ec104d0c6f07f86836a1a8f8db1b4ddc1be51048f70db196190bb29a809b78a373fea27b50dc20f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07eb09ab47d16d22940862e08ce61578

    SHA1

    ba11141682bc9aa76e65b263258b2d3b776e2f09

    SHA256

    74e25f1b4cbb80a1580fe1c8799f44920ef3906e9897f39e2f4263445c821653

    SHA512

    5d4c07be3faa02254ea679a464622dad70d081575de6f818e08216505d7202f097a8c47c400e4f2931e4fe6b72c98571d87c7ca2228393c6d7a5181ff1ae04ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d64c796806dabc803ebfbe78229ba5b

    SHA1

    01eda7c758d73fb75c110eda7f08cd6182202dc1

    SHA256

    e635ab844fcb99553dce987c46ff3298d1ec8b3fd0cb0875a355359db1dfdb5d

    SHA512

    212398d47edfab0b18789ea7271fc0f80ffd626474c63868fac48a85350ec4b9669469bc498a0a8878557dbdab0c2e52860cd2f1a7d0a1bc7c24a83bdc971153

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    680b47be5470f365c56d9c0d7536c3a6

    SHA1

    244b575458ee16fd950b42c66c538bee5684b65d

    SHA256

    f0c1eb39ca6bf5bfd5a0c52c77c11797b14621cd8d620bda48a8a27e07c9ee6d

    SHA512

    612cf0efcdb564a095c8c16e4038f3e35c6a7d107334dad0eb686d891c15eb9e62e7a1f65fbdbed614cfb1dc6d8a626ab20fe498c1d01cf295b5959578fedd15

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TORT3465\main[1].js
    Filesize

    7KB

    MD5

    44ffb3412230ca8c72b5c128997a46aa

    SHA1

    594baf4b0e84774e23dd69faa319ee667c0ea675

    SHA256

    f79a88407bdd381cb111bc7b41bf07e13bf8478eb1c08c6d58388347ced90e87

    SHA512

    80ed6a4f0aa04a65063171f761c93f8f9d43ca240e3131e54f7acf881778383cc979d238706391e3ff5b29561c1e34233ec02c2b50c83d998376b0fe85bfc629

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7013.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7015.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar71EF.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit