Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

1295bd2ba4...86.exe

windows7-x64

1

1295bd2ba4...86.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/12/2023, 21:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1295bd2ba472dc2175049b89a3bd9986.exe

  • Size

    14KB

  • MD5

    1295bd2ba472dc2175049b89a3bd9986

  • SHA1

    3f7788d5beae74893d9f1ea2db817803503e44a1

  • SHA256

    e3df98b51d861e3b63fec904f84e269c01499c403aa536f9ad2ad4dc1da0e5e8

  • SHA512

    80788ed9c22ad1f53fb4c478baba800846bdd8328e964f1be6345131023e0e0bfc8203555df69fdd9ff382e0d9369634fe08167d350611a2dfa659620104e3e7

  • SSDEEP

    192:nlUC461A/0LiQxqfKD6VkagfWhiQ7SMrZQl96Sd/Cv+OHLQjcWFDZgmC:lUFx0iQxqslQm39b/QRLAzFDZgmC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1295bd2ba472dc2175049b89a3bd9986.exe
    "C:\Users\Admin\AppData\Local\Temp\1295bd2ba472dc2175049b89a3bd9986.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.google.com.br/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1028
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1028 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2664

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d91d89ea803a471a60e07bf355c254a6

    SHA1

    5452a18e14f1be984135a3bb1937319c4d8f9181

    SHA256

    6e391250694af6b532cfc879efed673b6f24c83b97ae500e24b97ccdbde5546c

    SHA512

    f7d3dc037732a965e7524beeef2587f477d4e7f7d7881d6256f0474d5b95896d8b52123345945da4e892e50225ee0b4fabb7254278cb8651ee4ad400a09303e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebcd086be76ac903c85bcc8cc9fa2fe6

    SHA1

    a072f45a5d30f5ff4e2dd3d47c2635b0250561eb

    SHA256

    968fd4011fb14eed2c105a4d22c0483f473f676835bd4fe97be27373fc7957bf

    SHA512

    f5dc49849e3a21573370c5a25a1e715517dc823dac7bf7b7b081fdb3dde1d4f48601ae85c5cdfe814db80647b031d513ec6520714b879fcfb6ec5f9cff887736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99d1741a7e737d7b23f2735f3d5005dc

    SHA1

    ca42c779acca5147d8acb106b0ebc5cce49092e9

    SHA256

    49ea0f36b1f645006948f815b10d82583beddf2bd1417f7ab9293cced38b7f24

    SHA512

    a5730177256c39755bcd1713c16e11de97a0310771050e874c887cc0034c736005d46e495120d606859b24faa437e3aefcc4b2df9bdafb6e01ce4c49de881b3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f002d9cbadc49509529cd3a76ed3638b

    SHA1

    59c46496c52d5380831aab3b902f7e07d707390b

    SHA256

    059f1d3dcfe0703018a4c490f38c3f405132581f0a16e592683951ef69cf3607

    SHA512

    0a84c90f1df3c36b2dd3f68df108add6f8bbf5f8828aec45dd72e3186232b52a7c1d5619bc5058cc49dc7e30d624c7b8d51008e167f71b14b8562c701efd5d6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    958edc8b0ff6ab205b4e9653999a129f

    SHA1

    df31731319d53238830ddab4b53fe01b4ed2ac85

    SHA256

    86d9a1e469419eb43b0eaf4daf70930ad56436c839ce4fbab38adebc8de940f3

    SHA512

    b655e623e0cdfd08f000a73202685c259cf6e1cc8421838a60dd099a34e6821e7c506da81451d72b3c85d9b282e126ea9e95dab7f06e2d6144487cb78ede0526

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77712cfb80af949ef9abb20579d3702b

    SHA1

    3fe076da4c361346b9c0dd35bbcf62e4c566a354

    SHA256

    afa9da8cd52cd305d3a9ea4615675590434aea3cd6758ec7ce1e728bd648f519

    SHA512

    ab5fa15567a50e0ef6b3576327a11a500a9b2c2f7e53b8dcc4c5974a45225c824db9f72984467f36ba69d5ac9ce7be41af92bffa021f17b66873fca8550ec825

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1581f33a3096ca8d0a3a2785277642df

    SHA1

    45d4281c07e2747833d996e6346c60525375f169

    SHA256

    de3e0d34e0c73417c338e4aa26faf12ddced26c0ac813c8a40ea4a47451d415d

    SHA512

    7a0890755a9356191dc704073809ab7e32c1a6b37f7046345d24bc1b3220397546587cec6507ac4ea2917e6452ce041f0c58fecc20a74db006c9be75337e3a40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3828ebe1a43327d1888a64ecce585ed

    SHA1

    eca28ed35c441ee34c16ae945bb848e328bc3075

    SHA256

    a92790f292f5f01b4772d39de69ebc2487aa7ee93e831f9ea0cd4755460f7ab9

    SHA512

    15646fc5eec3109f6a48c4d0d437a9da3d6c4196b4518300845e9afcd156687956b7279d249df8529c6a493c825115d5b1fdc92878aa530657186e5911a93406

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat
    Filesize

    5KB

    MD5

    b272c16b74b108a4527b34792e8409fb

    SHA1

    9a700653a64835f864ff0d7add66b7b7b5cce458

    SHA256

    0b1cbcbb9afcb58eb166fb58a7f1426ee5b644528520e438c5d5386a2f8e3544

    SHA512

    bb4bb59f7d619bb8c5c939e6cd9510d20098380fb9321bc1c3ca6b19d8da17d86d9e252b36914c75eb574e2facff82c9d81222b693b9fbeb9438ae34bfc981f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDAB6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDB94.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/3036-0-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download