Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

fxt/飞信...ms.htm

windows7-x64

1

fxt/飞信...ms.htm

windows10-2004-x64

1

fxt/飞信...PL.exe

windows7-x64

1

fxt/飞信...PL.exe

windows10-2004-x64

1

fxt/飞信...��.exe

windows7-x64

3

fxt/飞信...��.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    72s
  • max time network
    176s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 23:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fxt/飞信通客户端/888netsms.htm

  • Size

    502B

  • MD5

    387df9893ebf13aae81b1c60e90f7ceb

  • SHA1

    ab3b0ae374b957a01bceddb1fab84d5779830eb4

  • SHA256

    57589e218ec0a0c2edcc82d7bd729a1e3ad3b59b881637c46eccf6ccb111cf78

  • SHA512

    9a426039ef79b4596eda9a4967ea1c03f80cc2a24f04f842858a9f07a292b2557d53d6f07165750d09d504e72967d212bf7f54caa988100982e6698301e39e08

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fxt\飞信通客户端\888netsms.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a1974bd50c048f6034a07b3b1d2b88f

    SHA1

    72019224d5cd595ee525ada8f7bc4fde855ea43e

    SHA256

    45eab67d6473b5c2f302fcba13c51bc269b7a3ea046f4703a655aead5434677e

    SHA512

    920477aef217831007c627acbe7cb186a60db1efcf34f5e3a588b69f0152de94a2844dc31e790f5cf6bd1134662584cadd764e13df0948660112953f56162e49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d762a5e195add45c39c18ce2685bc44

    SHA1

    04748947e1a554c4b783c426cb3085349331b1d6

    SHA256

    6ea1e2d93d701980f622be566d9f178d17f04e3cab145704d00427f275183d44

    SHA512

    129073d5f687f4a4574cb5ee2115efa88677e00e842c29d3463a84eea65e14423ce6e68f4ce286e6bbb96b53d5a18671804e5f29ba6c845ec5e2a479c7f8ecca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    814f09a51109a9676ab2d74398237f87

    SHA1

    031f323a48839b8b3cb46d377b6cdbc85844dbc2

    SHA256

    1443cb9e9d5de1780dfdb2a98cd181b782d7188478f96beeddb63447c67f7c58

    SHA512

    3005ca09c0cfe80a0d680f9f5cebab8b48409df26a302bea4fa217b2f027856be52646fc2fc9a99fc83958d0e0fe68089f3e3ef2c5e35dcfd6679f94d4877512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39e00b7756c5c30ffce8abf6f7f64cea

    SHA1

    bbbe1bffc092fcf6fb36b56e393bbbbd9d35d269

    SHA256

    ea83951bf0d43d5d1748bb3de1f958b28cbe1b099543e1ddc10139f5af082e9e

    SHA512

    732b28138cb03d7c0c712b50efa9ab89d12f5edf065b17ef3bd4a3667949a0933669bf8e1def4347a5ef808c46bcc51d387cc13fa21570079fa8f0822c495505

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c2b35d6c3b596eeec7f74aab4c42908

    SHA1

    8c1baba482bd9b2cc0c0f0879c181628a7f8bdec

    SHA256

    a4830120f3766c2caf6a8eae5dd9afe792c87b094b71ee0b0243389589e4802a

    SHA512

    ccd28f4c3308950e339ec145ee77297878c6ea698fa39cb920f437955ddb8aaa1046bed550053073fac46391e46b2a714c960bbf41fa6c3d7b5d586a95fe69a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a890deb20343d8e074c7bcf2bc36a12

    SHA1

    25d2450bba413013a14342384178132b1e42eda5

    SHA256

    a82e3788e48ba9822f4461fdabe97731f336b6c903feede3284a3e778108b511

    SHA512

    aa212691ed3158cb8a6e7c46231baec633f6415970bd887b4f875a769718b695ed460072b1b541459a7c46f4a8adef82d0daf9276587d82534169748854faa9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25d4deb3b20a0d67b74905c2c8360579

    SHA1

    72f531e22c6d47a74658a3d3393e5d32bbaed094

    SHA256

    0d9510b6a1ec578172e8bd100b3ea092ce39961fce37743371a08119ae936811

    SHA512

    8f684dd551ea9106d37d4f65a6308bc00b3e3bbf097029f8a81aa59ba83a383aa63e003fa1e61cf8cef9e7635705954713d900ded87ddbb4e5933425bbf9497b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6439df232c1f703c47a6466185ba32a

    SHA1

    07a65f2696071eaa8b5f4a899f64ef8d642ea86e

    SHA256

    e06ea79729cdd8472172cb0dd25387a0b9d84e3791dbd0f0f5d97955328d59b5

    SHA512

    4e51ac485fadae23a948577da786db2f0f0b1991d3fd3280ecd6a5dd04e757f75c8bd9b55762a5f4f39e57afe2a0661f707153fb6bd0ec0972412a731fde68bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF3F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1423.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit