Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

CMDLGCHS.dll

windows7-x64

1

CMDLGCHS.dll

windows10-2004-x64

1

COMCAT.dll

windows7-x64

1

COMCAT.dll

windows10-2004-x64

1

GAPI32.dll

windows7-x64

3

GAPI32.dll

windows10-2004-x64

3

RCHTXCHS.dll

windows7-x64

1

RCHTXCHS.dll

windows10-2004-x64

1

RICHED32.dll

windows7-x64

1

RICHED32.dll

windows10-2004-x64

1

RICHTX32.dll

windows7-x64

1

RICHTX32.dll

windows10-2004-x64

1

SETUP1.exe

windows7-x64

3

SETUP1.exe

windows10-2004-x64

3

ST6UNST.exe

windows7-x64

1

ST6UNST.exe

windows10-2004-x64

1

VB6STKIT.dll

windows7-x64

1

VB6STKIT.dll

windows10-2004-x64

1

asycfilt.dll

windows7-x64

1

asycfilt.dll

windows10-2004-x64

1

comdlg32.dll

windows7-x64

1

comdlg32.dll

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

ipaforenglish.exe

windows7-x64

1

ipaforenglish.exe

windows10-2004-x64

1

msvbvm60.dll

windows7-x64

1

msvbvm60.dll

windows10-2004-x64

1

oleaut32.dll

windows7-x64

1

oleaut32.dll

windows10-2004-x64

1

olepro32.dll

windows7-x64

1

olepro32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    26s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 23:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ipaforenglish.exe

  • Size

    148KB

  • MD5

    41755ca4f0b3f5fda7bcb63a2b6c4be9

  • SHA1

    9cf9cfa0baed9a1a78e7aef5e2348b048930ff16

  • SHA256

    f642c2921c1c8a9a148aa51e0c9f4202f93e866d900aaa3536424815b1a1eaa2

  • SHA512

    5e29da40a6f9be0d24b7bbf954933211f172c20806148d30eb6c12bf2e87543c567418ce4bdc493390365d991d69815f794342ba309808937d2447e6f963fcdd

  • SSDEEP

    1536:6+vh+KbyTDNzOs3pnZDZe0KKK5XFmCvrtMDg3L:/MKupRZe0pK5XFD7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ipaforenglish.exe
    "C:\Users\Admin\AppData\Local\Temp\ipaforenglish.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1732
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help.htm
      2⤵
        PID:2832
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2832 CREDAT:275457 /prefetch:2
          3⤵
            PID:2892

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads