Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

2d54ee8ac6...0.html

windows7-x64

1

2d54ee8ac6...0.html

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 16:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d54ee8ac627a3f229dae705dcef8630.html

  • Size

    1KB

  • MD5

    2d54ee8ac627a3f229dae705dcef8630

  • SHA1

    ee7a7991e82b57693e4935b6fde2266dbf82e388

  • SHA256

    7bdc501996b6ebe86d4f084e06fd153bcb7cdc267e81058596dd2e532dfac6ce

  • SHA512

    df93ee0732f0c27191ff34f6b8075fe547064e05d6efff5ea8404463dcc15e96e41e96a058275dbf933cb21b24cf320ddcfe9248a2291e3dc1fda569fe8d8276

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2d54ee8ac627a3f229dae705dcef8630.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1048 CREDAT:275457 /prefetch:2
      2⤵
        PID:2148

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c23b3b791ab37ae21124e40c13ce752e

      SHA1

      913e35bf6ca516d2dc5d1674bd12d51af445b2c7

      SHA256

      dacfab23a9d373405ef10568a498d7eb317637f4bc80b815aa330786719fd4a8

      SHA512

      98b8a55f72404585822f8ca74281b16d625c4924e8086e8cbc0affc96836a57262f255547ed258653fac9da8bc0eecd1fbf450a227a5ada9621ed30cb86b9e64

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar102C.tmp
      Filesize

      92KB

      MD5

      bb84d39015d7734bc7ec5da88a516b23

      SHA1

      1a15cbe452f750dc4f5d780b2517fbf82db39fac

      SHA256

      8f807ac7fa789d13f51c3451b2728ae70fb489ff20a8c20f073e68ad0927a882

      SHA512

      299dfeacc8cfdd600ce91764a0b3f75a431a795635989c2a53dcd40cd1c42c17f92179e8b239a2596414ed59ba7deda1e3503aa5ac611703bf3cf7a0a8abbcf7

      Download Submit