Analysis

  • max time kernel
    1s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    24/12/2023, 22:05

General

  • Target

    148505c0880f03a7c62587e869e914c4.html

  • Size

    6KB

  • MD5

    148505c0880f03a7c62587e869e914c4

  • SHA1

    c90931df5d2a2f981c150f7415906b2b7d706436

  • SHA256

    e487998d818beff5606201608eccd698e2a5c8ea96ea6ce80d54c6015547df79

  • SHA512

    ee2439173614581daf72b6d002259b33dc04c8152e111aec71f66b2c2cca912c83c137359ad0377cfffdf61a6b398c556f4b650576d00f124effe06a8b096443

  • SSDEEP

    96:uzVs+ux7R2LLY1k9o84d12ef7CSTUHj/6/NcEZ7ru7f:csz7R2AYS/+4Nb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 13 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\148505c0880f03a7c62587e869e914c4.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:220

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\SB302YPZ\suggestions[1].en-US

    Filesize

    15KB

    MD5

    abf4089ef8a63de89c5206ead35bc933

    SHA1

    8538c582a2f80d21328c0ee693dac6048dd502e4

    SHA256

    e1a4b3a4e1c945c4e5c5b0896d9aad3924be127d3f34420ddf7529ff2d044a80

    SHA512

    582281224498c01d9e1cf80ef4f32a7875af1a53e6dcdca202afd735bf80e9ff964c9286bc9beeb93a911d6bc1fbcf926b26e85f420ac491a9b5bfc50212bd6b