Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    0s
  • max time network
    55s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 21:49

General

  • Target

    1d95f7ce065690294c014f7047333151.html

  • Size

    14KB

  • MD5

    1d95f7ce065690294c014f7047333151

  • SHA1

    2fe8812a9f8bd82003b6728c94e473797f5ee08a

  • SHA256

    dbf832622bd262ad79f036c1c9d9cb9c6f15e9775b98a978d562898dcb2683da

  • SHA512

    9b37da0a6649eaf2f1218de65449d7383b048cb55d5cf33c02476d354b8261774e2781786164fa96134b2e0c0b335f425d0906274acdce8a87bb98b463dd3a14

  • SSDEEP

    192:1D1f83pqnHWxN6Eb/E5cSar0n7mWGd9gmGRw5XnSQsW:Hf83pqnHWPXDEmWGjgmGCxSe

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1d95f7ce065690294c014f7047333151.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1392 CREDAT:17410 /prefetch:2
      2⤵
        PID:1280

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\93A1F764FB1C2BC0A4FCC674D6285F54

      Filesize

      5B

      MD5

      5bfa51f3a417b98e7443eca90fc94703

      SHA1

      8c015d80b8a23f780bdd215dc842b0f5551f63bd

      SHA256

      bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128

      SHA512

      4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verC1AA.tmp

      Filesize

      15KB

      MD5

      1a545d0052b581fbb2ab4c52133846bc

      SHA1

      62f3266a9b9925cd6d98658b92adec673cbe3dd3

      SHA256

      557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

      SHA512

      bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QSO8CY24\suggestions[1].en-US

      Filesize

      2KB

      MD5

      c1394fadf7e40c3c9cb03ee64a25f3cb

      SHA1

      5f45a2ced256c7c7616b465bb89c72ca42740553

      SHA256

      c1e34335eb07bd560b387d9d450094348fa9dc2fa8af69034803eee5beb1644f

      SHA512

      de8e05defa3763e96b014993883b99050e797c79baffa2dd50824900dbeb90317a84980a25b1c7cd9eac19b25868f40b1016b347775474b5b4f1b6d2f27c6159