Analysis

  • max time kernel
    0s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system
  • submitted
    24/12/2023, 22:50

General

  • Target

    1712ec2b42d3c526ac1ee57eeddf32a1.html

  • Size

    10KB

  • MD5

    1712ec2b42d3c526ac1ee57eeddf32a1

  • SHA1

    568e053fb6493aab07c839a34b413e4312786c01

  • SHA256

    e8dc57b5fcd2f138a8f1618b9c61275bcf4f07429c3d27aacc88e9a808f462ce

  • SHA512

    4b7a6ae299c4cbf39ac112546223a1eb0961326a53a381d2c985d1630d6c34e6746f659d76ccafc0a90d06ef3b827c6da44e5cebd79e04255251ed4a39a650f6

  • SSDEEP

    96:uzVs+ux7cLLLY1k9o84d12ef7CSTU1GT/kRM1pbmhAPLlVHcEZ7ru7f:csz7cLAYS/cabmhAPLPHb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1712ec2b42d3c526ac1ee57eeddf32a1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4484
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4484 CREDAT:17410 /prefetch:2
      2⤵
        PID:840

    Network

    MITRE ATT&CK Enterprise v15

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verC534.tmp

      Filesize

      1KB

      MD5

      eb67baf06a1d94f22035da0b59a13d1d

      SHA1

      68948612d15d7eea6fbdb80371d9c7f78ff9b189

      SHA256

      428769b8aa88bd8024d80218948cd9af21332cc919bced628a7d8261aaffd800

      SHA512

      cc0f8e6fc3bb6765993e1074b4e34e8de49acb9c771635c02f3471249eaddd6c5a549cf492ebddf1af2e90d82cdb3f7a603fc0443334b9d4131ca78c50a085a3

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QSO8CY24\suggestions[1].en-US

      Filesize

      5KB

      MD5

      3969b3d3910063b2ea89e78caf54ddd2

      SHA1

      9a2c35ea3e0a47d88b860a24308cdc2cf23af8d5

      SHA256

      05b990508145c40f5e7238b0696a0e15bda306f901d985f38ea0dd550b7e2fbc

      SHA512

      c37a1e55c019516cbcf79658fc12a61fbb1b8c6ea094775bbf06522a88ddaafdc8c3e503d837c223d2a530fbb939607d443c652668e66e0b84307a267b0b9547