Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

CMDLGCHS.dll

windows7-x64

1

CMDLGCHS.dll

windows10-2004-x64

1

COMCAT.dll

windows7-x64

1

COMCAT.dll

windows10-2004-x64

1

GAPI32.dll

windows7-x64

3

GAPI32.dll

windows10-2004-x64

3

RCHTXCHS.dll

windows7-x64

1

RCHTXCHS.dll

windows10-2004-x64

1

RICHED32.dll

windows7-x64

1

RICHED32.dll

windows10-2004-x64

1

RICHTX32.dll

windows7-x64

1

RICHTX32.dll

windows10-2004-x64

1

SETUP1.exe

windows7-x64

3

SETUP1.exe

windows10-2004-x64

3

ST6UNST.exe

windows7-x64

1

ST6UNST.exe

windows10-2004-x64

1

VB6STKIT.dll

windows7-x64

1

VB6STKIT.dll

windows10-2004-x64

1

asycfilt.dll

windows7-x64

1

asycfilt.dll

windows10-2004-x64

1

comdlg32.dll

windows7-x64

1

comdlg32.dll

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

ipaforenglish.exe

windows7-x64

1

ipaforenglish.exe

windows10-2004-x64

1

msvbvm60.dll

windows7-x64

1

msvbvm60.dll

windows10-2004-x64

1

oleaut32.dll

windows7-x64

1

oleaut32.dll

windows10-2004-x64

1

olepro32.dll

windows7-x64

1

olepro32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 23:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help.htm

  • Size

    8KB

  • MD5

    7d6ae71e3a441ef7d2075e0b5fa72cac

  • SHA1

    b33ddc62a2e976a1dacd11f440d152958fdef470

  • SHA256

    2e87c9d12778f93cf591012ac827cb27b26209d6e445e8f4070eefdee5bb07da

  • SHA512

    5b60ada6eb08d449a0574e2b94cbf88178942d39490dacd995dc72e91e2a54858de4ef22fc4d0b16047dc3841a47d86999ce824752f3bb8cfc22b9d5237fdf50

  • SSDEEP

    192:TktGUeQZY575twZAftN01psnXh5f1kdjZ2hJFyFKkC/Qoz:EleQZY575twZAft4psXhfijZ2hJFAdSz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9a8817ed39e7cc2a6c2059d8befbc85

    SHA1

    3723e90f70cde0304fcf0189d05737a50a3fe453

    SHA256

    dadd0a75f1bf462dfab61283f0e8e7de49cf683b08b95465ff50f5a2c4eb3aa3

    SHA512

    44a79f07c2aa208d73e7a178e6d6f7680c9e04d47bfbe611a657979665c14b32e3f86e6b884437e9a1329b2e0535cb95e21592f7a0fd60a21aba763f07fe2913

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc61a505f9a09b2fba31860dd7a897ff

    SHA1

    d6235d9e59a95cddea1e1e66a1e4a2c13d1d7c0b

    SHA256

    dcee36c5848ab998c435db87f48e09b83471090e53a8fee28bc47ab173eb2e02

    SHA512

    48d48d84136f9fc1fd61c5a55d7ba26d5c7f24c5626d9dd7bab6b368035d74fb80dff7f0a4ee0a13eef5d89589fa6e6e7bf5cfe51c223dd775da68f1bbdb30de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa3da647e133738077804363d0bb2df9

    SHA1

    baf773eb68d67d52b1d239ca28164bcc59e27365

    SHA256

    76dd34df8ba76c69e99e22e45cd012de2d61a5ac17bb51f8aaccb9d895b8e3d9

    SHA512

    135c7bedae275165cb4ea7b1b2115477d7cb5f570609ec51b9b59be842e0eaffd3ee885dddcb8fccb17b2337fabcbbf11d3b9b058de377fc6f247b7d5f713f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f16aad9e204e5adae34d8a250623d1c

    SHA1

    16d96170110447ae5252c9c6958a775a371c3fd3

    SHA256

    d798e62fa8652a7d2fc6666dad45f29410df3db27825cb86d8ba47dc4fb3c37b

    SHA512

    8d2fc53fbed8d154c86a1ee5a5efb48097c706f768e5b4423ac7ad6d1cce5d9619727199a93f654ff181a36202029072a98b29849b011d0c92f91a0b28dd91c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fc650c4d1665cc534cda043544855f1

    SHA1

    f9066d9c6780ec4d93efaf0a69270a1138c15137

    SHA256

    b968815c5ee4271ded69f0069d0b472025df23b3f3a4a2f201b61a38a26643cc

    SHA512

    89c40a4e09874f3587d5dcb8718a35b441690e7e9e3887ccd6f4d81bc4103719dd60b2bcda0d4e0062cfce09bc4e10a65a87653dd37f45d9077d09d0b0df7525

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ccbe1fd17faedd7ef60b6f2c926b7b9

    SHA1

    23869de1c71b82f41f87a38196f2430baef3359a

    SHA256

    9c5e99198041edde7dd7554fd1015377d2749781e51f37f690ab3751bc5264c9

    SHA512

    8b12a7fd0a6ec7fdfffe3955f3575ad861d4f543deebc5a323b010568957fc9b200dc2556b3ee4c7f2034d4e0600f0153cf99b52f1985cbf3e3b036d829257cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA62F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA808.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit