Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

=?UTF-8?B?...=.html

windows7-x64

1

=?UTF-8?B?...=.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 03:16 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    =?UTF-8?B?UlFGIElOVi5odG1s?=.html

  • Size

    5KB

  • MD5

    f3e5b527210a989fcef0a71f648d6ff8

  • SHA1

    5df855e70dcab7a46297e6edd1b31828984391f6

  • SHA256

    edd86a949a6af7606053a0d3d169e038d5d7a1bca191fb49c234c4da1107f35b

  • SHA512

    40ae9561b08aa7ae6d84d1176645c0b3c818348bce923354331005636eaa8e0e00d330843c63d0906aeeae2936956f117014073a669a5e638909993c23b506d7

  • SSDEEP

    96:igMJHkHGbspbibqiNrCR5aHpUyQ96dMntUhs/EPDvntHTrfn84dUJ1GS4yS:igIHkHGebibXY5ae6dMntssMPDvntHTb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\=_UTF-8_B_UlFGIElOVi5odG1s_=.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1212

Network

  • flag-us
    DNS
    i.imgur.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    i.imgur.com
    IN A
    Response
    i.imgur.com
    IN CNAME
    ipv4.imgur.map.fastly.net
    ipv4.imgur.map.fastly.net
    IN A
    151.101.60.193
  • flag-gb
    GET
    https://i.imgur.com/C1skhwK.png
    IEXPLORE.EXE
    Remote address:
    151.101.60.193:443
    Request
    GET /C1skhwK.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.imgur.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Length: 35542
    Content-Type: image/png
    Last-Modified: Sun, 25 Oct 2020 05:55:15 GMT
    ETag: "db4478866853991ce32e2cf3923c7638"
    X-Amz-Cf-Pop: MIA3-C4
    X-Amz-Cf-Id: guCs42Vn9LQa_MC3adlBPaldBA15PR9B4fTEb0gs5ZgJv2Hl-V45Dw==
    cache-control: public, max-age=31536000
    Accept-Ranges: bytes
    Date: Mon, 25 Dec 2023 12:11:55 GMT
    Age: 1599752
    X-Served-By: cache-iad-kjyo7100045-IAD, cache-lhr7341-LHR
    X-Cache: Miss from cloudfront, HIT, HIT
    X-Cache-Hits: 84, 1
    X-Timer: S1703506316.952151,VS0,VE4
    Strict-Transport-Security: max-age=300
    Access-Control-Allow-Methods: GET, OPTIONS
    Access-Control-Allow-Origin: *
    Server: cat factory 1.0
    X-Content-Type-Options: nosniff
  • 151.101.60.193:443
    i.imgur.com
    tls
    IEXPLORE.EXE
    996 B
     6.2kB
     14
    12
  • 151.101.60.193:443
    https://i.imgur.com/C1skhwK.png
    tls, http
    IEXPLORE.EXE
    1.8kB
     45.4kB
     26
    42

    HTTP Request

    GET https://i.imgur.com/C1skhwK.png

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    827 B
     7.9kB
     10
    13
  • 8.8.8.8:53
    i.imgur.com
    dns
    IEXPLORE.EXE
    57 B
     112 B
     1
    1

    DNS Request

    i.imgur.com

    DNS Response

    151.101.60.193

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dac138a925b6cfeabf46e9a588aa110b

    SHA1

    3cb6f84c727be5f9efb59fa8e36485f1181d2e35

    SHA256

    1ab19dcb7d8c17497a359cb07ae07305303e0ebfa052d3cb632e03067388bb3c

    SHA512

    04c392d361754edb7e4b5b12e65148f524b3d10d1d1a862a027a9bcb083d02d60fdfcf0786c794236ccf68556eb02e549c773986d02004558e783552c5456bde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb3dfacdbae8b9e211d78a3f7fe6f7d2

    SHA1

    5af025da04b5387b772fd610c528bdd5d6d7434f

    SHA256

    bf1406ec13000b0ba70f3d8eec583335b95c905592192e10918c193abb2e4a45

    SHA512

    22c5d87d15e21904ba1d49521016d01d890e753466b9a8fd92a576e29812836f27ca01eaac22a797671d2be7bf488a03f5ec0f173ed218b84bd7edc1dc1f6012

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b8c7d82315e0e0cc71886f90f5e1924

    SHA1

    d1cdef414f23c274164b0a7ddcf8e71ba6110cf5

    SHA256

    3fe53d24c300ffbf069d2928ad1de9b0d74d6a25b6ea98366db05cac283b35e7

    SHA512

    7774e15d75d74997c3ba66135ef037a291095a0e97c089cedb2fc91fb4aa13fadfe002d42f6a32e3b590b287f1f0e46093c5e8dca4a63c11f9f5b4ac03f262de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8fecef1a6fafe42bde55147ff4b096f

    SHA1

    089bbbe540fa3958ef3d09e8c6a404d1e6fbd3cc

    SHA256

    e8885bec81e1fa824c3013fcbf3a44168bd6d5b8790b8bf66991ff16fe1a66e0

    SHA512

    a2fec046aec21455ee5acdbe2517b438fb7a5e3753537443102c78169e959f04c2aa23de38ec2e3d4a3c3a7867a1b0f3c11b7d67c2fa70deb22781ed23cd8a8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5f5c50fe3ef12032c596da12c6fd803

    SHA1

    90f8a3dba86ac30027801e098eb3a5889456aa94

    SHA256

    9e2a6d96369133054cac1db7d5f8caffa7c34e1e177bab18582ff1f013e48ff1

    SHA512

    d8ddbe2498b3388f3471467ffaa7dbee3675bd9f5de55f09ec7edf04a34aee5232bbfead2f8efa4fe9c8b233e2ba9d9438ebbfe3b422bd599f627d3a7193ef09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d018caffaa6aadde24ec52ecc855073f

    SHA1

    7696a9225e37677ff789ec63b5131347ff0e851b

    SHA256

    e8ed2c6b84a7dcda8d388833186ad4e0e4cdca2a3e4031948f0613ebed6c5aa3

    SHA512

    b22be5bd1e1ea3680e2d6f6b17a759f9609f25f0f056771538ffd42a60cd17a830462bd1293944b5e502b57e6b9822cff16128b1fb8a34fc7b437472b07af301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b120d5aee7db7a265eadc2abcca734e

    SHA1

    a2933b5081402c62b4a55245bc6287a38c020ed5

    SHA256

    970e24166f6378a5a8b3734cfc6f7b403355edf2ddf887cab10bb6a1b46f8f37

    SHA512

    9616630421deebe847c1907b049aac2ba0d673bf42fae9b6b0f62d6778dc02948d71c7e4b83c0c8d68c8924147e8051374258ccd32166be8c6b9a027ebc8fe7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea895ecac7d7d05a1d9f291922f8b0bf

    SHA1

    7510d3d3ef5f817c79f1a6338403ebc8aa4e9486

    SHA256

    d81359a4d8377138f0113ad09eb8472ca329e6833dc98fc277e5c7d1d43a9d97

    SHA512

    9948f44b87a5749b971a50f2c8f35a6175e7694f455327fa682dcf333c938063f9ce03f7e9d1e7422859369aaa7ea025aeb3ce8ab7ef8ab3414149e415edd13e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46f65c868b3a3f394d987cab04878621

    SHA1

    799d6574a1474704f05fc790ea14884f2128573c

    SHA256

    d0fc0cdca53f3c372714a6875d252668ab26041225a1388b2e99d66842200bc0

    SHA512

    52d2e8f1f28325f4e3666c7306b7511f4d337d2f085b142684b97e158f67b08a3a2014965f1b4b5e55e858409d20d2817d6a56d85632c8f3b2fb26752a6e827c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b9e2a6913b9e5973a72c0eae58d24f4

    SHA1

    eba2e3655f21283798c7911a991181d59ad1a5af

    SHA256

    7cda9250dbd104b87bb0a2468dd91d80370f05e5d99145df853d6fb8dd17be8e

    SHA512

    0187d2b31d17757c7d58861fa66ff25e2eb3db9c9bf55779ce1c948cb6a934ea9ad6f1c5d2f364fb9020a191056c35d687680fd1b11101b9a9c2ba146399197d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c919e3204f604a447e0465a159caa0c3

    SHA1

    8e042d83e859d5d6e2eb165331924e373d060b3d

    SHA256

    6df972d18c3bb01df8ca6c05d12331e38c0429c858fc07af7b95cd3bfb3e9663

    SHA512

    7f0c4ff9548fea632121d32686a1654a47bbf45e3fcd63dd461d747a5621f4c6460abcca8af3183f163ee4c59acc2025df138eeff58818af478077e9e8c9f754

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab985B.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar987D.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.