Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2574398c3f...c7.exe

windows7-x64

7

2574398c3f...c7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    164s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 14:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2574398c3f6e1bf2f31e3df83e673fc7.exe

  • Size

    3.8MB

  • MD5

    2574398c3f6e1bf2f31e3df83e673fc7

  • SHA1

    2d0a705f9be2ad4927107809913b0aa3e82c700f

  • SHA256

    514ea24119078c729f0782c18927a5a71850aa68d5cb2da84189abab3aa97d64

  • SHA512

    c664e49c4a552c5a5222f163834f58611fff56b7dbc2e363b3b7c023b02604cfafd65504db55580e0bda138d35c29c1b4cd7bd8f1b019b94e03372ec6d1636b2

  • SSDEEP

    98304:qvFw46/+6GYHcBn2CMdY49VnVXBl+13OkcK5igcUTLjcXg3QKPXgU:qdw4uD9GrMW49VVYZ5b33QKIU

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2574398c3f6e1bf2f31e3df83e673fc7.exe
    "C:\Users\Admin\AppData\Local\Temp\2574398c3f6e1bf2f31e3df83e673fc7.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2816
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2116

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a6cfbdf2722ced367be3f51c82f9a98

    SHA1

    e3253d3ce5bc358d94b2ad01198c9333d1574d43

    SHA256

    3a61c1cf0c6f56a7f3fbf87f355900e67f086535c66ff543acf5f41d5beb410f

    SHA512

    ff5d3df305856060716597cb5b2c7c4edd21aa140e074e19f4ca519bc709c7b7096f83d1d6b82cf4ab74980586dffb3f54b3336353210e2aef00779d1f5913f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f5bdae7e64fa4442c7e016a82447c5c

    SHA1

    ca8c8a5fb2e7838798b7bbd76b2808bf9423385b

    SHA256

    47c85549649db6fcb734fbdc7ca4d69edb8fd5463bac7708a203b2eb96d69f21

    SHA512

    a039c0453631dc6659c54d19c5baca8b1f0e1add91a4af613f49d26ddc12f49cd40fe879e22832f87053c60aee625728f1b74e8aae9f5b56e3ed51245a697f22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d46870a0c1cd60ec8e618b9df0dedf4

    SHA1

    d9ca23a008c390c9d5f52d8349636621493f88ee

    SHA256

    1a1a414de42700a507b5adee39194d0132743f4689dd79dd0dca1f50a732e8cf

    SHA512

    289d9cf213679107a83235ecba08128b775ab6f2c84b8437dcc8d030802e839c5c3702f0d5a380c1091ad99c8610c60bb3c5978e72e09c823c9c65f4082d4836

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78fe9d2b650eefb13bd5d387a272fe77

    SHA1

    f53b44b4c397d06f1c0d416db2dc6faede1485ed

    SHA256

    d7584dc3a1f2786888f0dd9456eec06e1032ec98d191455061dc5c06f608f4cc

    SHA512

    20f48a250e6e3da0a42821608fafc17963db54ef2829443cf54bac0c33fe6c71509c73aa339e26e817ac2ed975acf373d3fb20954e80a6c2c4b5608e705055a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    427e98a7e99a7c8898de72750d709745

    SHA1

    10cd360cc0b8c90320129a02a776c050223445ec

    SHA256

    1886e6b853273ff33b832004ca34ccbc894db89aa71a90f4e1040aa0b6097513

    SHA512

    130bb7196afea79c5910e90f426341f30304dd00e9b70ee9bda493334a5092e00380786d9f5f4843ccc579f1860a3af0820d1a553c7a49d5e9ba084a7a137263

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfba6defbdffbcda4094f1e1df542e7c

    SHA1

    151e7b977d80f6fa5b64b31ddd6c61c511afb6a4

    SHA256

    92ebf4e4174ea13bb93cafa6088b61c24b843b4512cc121a058d8f96338977c9

    SHA512

    6ff1cb8484263d408fc55cbbec0ab8d516d7523b49a9205f643ea77353452c6f0a30e4aaa0a081cb4f76c5e13efd8aaa911c0a7fbd98e21dc9b576681311f175

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3947ecaae96af7bc27f9e94ddfcc510d

    SHA1

    d8a5aeb9c4e273d1a19f31624c553bd01a364d4e

    SHA256

    117274cc032cb8c0d5df36e2b09a7c9bb09e7f438a249c96e483eaafb3a14d90

    SHA512

    071dece9cf3907bdcf9bcb564bc6d5a570e9616118113e52596f19e090f68abfe88ea403f2277c7731a70155106c28d875ab86202c61954ba43065af16846f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac4d0f3ee8566b593a23d92cd4cf08b9

    SHA1

    fb1d00f3f106d780814c66b4c96ec5e4a2922cad

    SHA256

    8e5afcb0babb3984c00010f342d2966a296d33b19693f7dde76e96531dbbbad1

    SHA512

    ffcb286d0f351bdc8f4972b0cb3123ea90e0b23886f9b3c1bf778ada9ef0dcc9ad651908ea976847d7afc67869be00ec6c80c40fc031e3d0e9efd706edc3457d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc078c2b331f724023c372f3a6a060c3

    SHA1

    a73e60903b4d770986fb54103619ea31c933bb57

    SHA256

    06e73fefdab23d7e3bbaa1ebbc9b3b1a256b8c11eb1a0230d5283bc972b71c70

    SHA512

    c9aa28c19bcc69571f3de3e0f182f1dff9af8644fea6d444e7df604839968c9cb301b73beab40842895729ce9aa7f6c2fafab7cb12cc6cef184505c07392fd29

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6848.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6879.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsj6B04.tmp\UserInfo.dll
    Filesize

    4KB

    MD5

    419d642fe3436fda8bb22eea9c37a6ca

    SHA1

    c1644131b880c6e03f14de3c79efd27093a77908

    SHA256

    25c4f65b02eca4ad897d7a623b3ca1290bac836e98ab5ee5f6c527dfb6a41dd7

    SHA512

    29df088e3b5189efd6fbeebc2f23c5850303d40fe5331cd336bb852d986f9ab66f7bcd963ebf8c4e4eea7d49a6590027490d651a3e4781024c7983a2c456a337

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsj6B04.tmp\spd.dll
    Filesize

    4KB

    MD5

    8bb77ed61759966728b7cb065e0081ee

    SHA1

    b2f1407daf21b301abea7a20cdb7fd181e3ff042

    SHA256

    ab5496eef3b68e865ef79bca1a88813876589d7d63bc76808d6df38a88eaeb80

    SHA512

    419541ad425373dab928f00e60bf83b19d53268e6d151d467a13dfabdb7a6a179b93c3f51c7fce394b062d619fdfcac587e3c7110ce1582c9d5e7ef85ec4cdf3

    Download Submit