Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

https://bitq.us6.lis...

windows7-x64

1

https://bitq.us6.lis...

windows10-2004-x64

1

Analysis

  • max time kernel
    12s
  • max time network
    13s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    11/12/2023, 10:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://bitq.us6.list-manage.com/unsubscribe?u=0f8626adf047797d4e50601ce&id=e678293870&e=38c6a58c6d&c=df6fb82195

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://bitq.us6.list-manage.com/unsubscribe?u=0f8626adf047797d4e50601ce&id=e678293870&e=38c6a58c6d&c=df6fb82195
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1404
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1404 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07247a2fac3b2261794bfd4b44b5136d

    SHA1

    117400fbd35e4bfb829fd0d42925c369d3371e8b

    SHA256

    e499c76eba0ab5d4d10a3ae601c9dabea1a0acd2bef9982988c7975b63befe56

    SHA512

    c6e7b6c90362da2da5192bb8d0ce9c08bdf20da665da7eabfc2ec3aab55e07164a0f092c2d8d2f47abbe8fd818199d35259e7e219fe13d03cb49d45f1d2cb714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    666e46600e1fd5d8984cc5f69a3c1603

    SHA1

    dd2c1760fc2c5c18d970446f0970a49ba011d6c9

    SHA256

    23d682f1a2e40c32f860fea0513fa86af647d88ca8d564c1f8310998b6dbc3f6

    SHA512

    39a92c78b510386bc738a0db78b8450ba54347e938ad3702f38ed7d36596bceba934827a3c098290c41be91a1787b4e0b4289907d620a9fae09d6d2ee77a1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\OAEB0P11\bitq.us6.list-manage[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PZSCEL8\NodeList-traverse[1].js
    Filesize

    2KB

    MD5

    dd3b320ccc5c0d69bcc64d220c47010a

    SHA1

    94af09582136bdafddbd2a040538badb3fc738d2

    SHA256

    a6603465765cdd9036aab99713324f4b18c27eb2e5625af08a4c98e855e41c40

    SHA512

    0f73536d3a59bc0ca2c018b460804a9a0696314f7aad885c70c1ed3784ff2e02519bc3d3496b8cf4e42daea19354377d804b185645cdaa034e3177b8f9f773c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PZSCEL8\WCUB[1].js
    Filesize

    201KB

    MD5

    5c3a2d5fdf9617269321af308f6d8fd7

    SHA1

    1481ee37389d1c107ee20d170b63aabd09bdc70f

    SHA256

    b907315c5324b2502a2d60c4ff4e156bc649ddd74950a1ed758b50c8d149718d

    SHA512

    ac5539818278f15fa2e55a7d10c75695c38d7c135b57d752b9b0182970413cd7cc2f7cc95676d48d711dcfca3c109144cefbb2f102102f73803e5adb4b57b870

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PZSCEL8\main[1].js
    Filesize

    81B

    MD5

    88c8f382ac79bb7d6511faa82bba3618

    SHA1

    45e76153c5e24887adac81e802db00eb732bccbf

    SHA256

    85d0f0c7f0118742efd36a12af4aff69fb4bebeddbabdf0a42b316206acbde8e

    SHA512

    b9aff3ef14e0e210d7748084c68af26002862b5a8c4adab789054ef32338d1df7aeb8c2245b28281fabad287ac614fc8a66ac6f79d35a1d452ab2773b376f64c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PZSCEL8\registry[1].js
    Filesize

    1KB

    MD5

    752c7ae1105bbf959a2d8eda024a33c0

    SHA1

    c49faffe5c7564cc2bd07e335e853771cdf3c3ec

    SHA256

    0e2b4eb06a5e62d252ac1f1f33a1be9c85dd5dfb4cac6e4801abe8c90ea9ec5f

    SHA512

    3fa03659d6ac1f500e160e78952fbeb1a5dad53a29b2e9b6534f118df78a79f21283bc30629d3d6ed3f6bce36e110279633125223cc138a66c3e4246a84c01f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7AAF745H\Stateful[1].js
    Filesize

    1KB

    MD5

    08dc3bd2a1ff76171fcca3d106398120

    SHA1

    7f035fb6dcda2074ec0a0e2869d001ae8d4b5654

    SHA256

    63e4b4440ec54a44e4cc39e748cbaa0050d4863e625de024c3dbf1008333943d

    SHA512

    8bd1bda3750d19cc1b2c4ff1db82fb513eb89d8e9b8938ff77e98c8c2ec2d65e32113789a093df04d8079032aae320bf2f0f8f7f47e0a46c8a7ba8d1602c47c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7AAF745H\dojo[1].js
    Filesize

    112KB

    MD5

    d3440fc29c3b1e083fc42aaaf2444fdf

    SHA1

    8205a356de8acbda708feaaa89b067b374434b94

    SHA256

    84fcc2e9aa3d97ae76a77e8506f9366bce1dc63a78ce28ec7842186e89120e63

    SHA512

    c2cf14ebdef6bc1a3d9aa18ddbcff3b5240bdedb6d52cf8e7db0f0b370d57699dfbfebc5b6ebf0b3787b0747ea7151b7b0d58d60f2cba3d6d190e01ab014390b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7AAF745H\window[1].js
    Filesize

    2KB

    MD5

    79efd7efdf44d9a210895945bf7e3761

    SHA1

    c2d4102e89a8956ebf2bb4db691b13eed9e06e68

    SHA256

    0b532dd487e3bbc1a2d98d8852e5468e5da395fc5d4b994dfecd64f9f69f247a

    SHA512

    d137d4a375f6767b33eb5ce8918c9344cf3081f38ad4da363a29141a61c58b45f8e2566c6f2e52f9aa3e03b263f48498dba9be11326db6757b6aac87f0b8118c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7LUVE84X\focus[1].js
    Filesize

    3KB

    MD5

    c84318e97f1522b46aa4f9d33965d57c

    SHA1

    6fa0d7b12f0266c315676e7ddd6e7240047c4706

    SHA256

    1ec78200da887a9a9e84cff0e5757ad00512021dc32172effdcaacccdf4a923f

    SHA512

    e4d2a26c5588bb32c293a6ce5614f07dfdba44e8a964af6ec34ff681fa8e73174bb5d9fc785052f0bbfd88c489b44bf396d2e25191c9d3d3fcbfdd74e9569fc5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7LUVE84X\parser[1].js
    Filesize

    7KB

    MD5

    da39da71163389c66c766d4c8d96910a

    SHA1

    63f3d34053d5b5ea5c25c5d83c0c4581bb195eea

    SHA256

    760919ee95272f61aae38fbd8b1a730574d0f960515f73dbfbefec620fcaf779

    SHA512

    7a28de08910bd98ae2c5a9c52e3960e79d7907983a37faf40a6703efb2b6604646bca4f34c4b597c1c879bf53deee1053a3fac2cddbb266b08f6704f3286879e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTUDILJF\DateTextBox[1].js
    Filesize

    262B

    MD5

    c64cbde75d49d8153c524e42f7f08075

    SHA1

    a4565145c3033846e961d584661865ce198f8471

    SHA256

    49800f1a3925b10d84f958508f0e75490619accef8a2b7d53aeba46724983c26

    SHA512

    8b9cfb07a2c9ce908e61ff8e7a541194adc052c082855182f8170184a58131833d7238d55fc274deca757521997a46d13ba32d2339db2f104ade0881f756b08b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTUDILJF\a11y[1].js
    Filesize

    1KB

    MD5

    6077fb50dba572c9dcf89eae4363082c

    SHA1

    1509a7d0c4f5a215f7c0f78d7da2edc2ea326a39

    SHA256

    0d20cf4e602e3f6030ca324049a411b73a2036318e61500cb8cdf08d757f489e

    SHA512

    cc57a510d496818fafca56f5d4159b182386ea97ab331f72da140af397d834122fae7ebd621ddad39e3587232c9245d18062bbaf1531ae490ac0195fbfe2113a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1DB3.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit