Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

20654fd393...4.html

windows7-x64

1

20654fd393...4.html

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 23:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    20654fd39386c2bd2aa8303d0e5cc334.html

  • Size

    57KB

  • MD5

    20654fd39386c2bd2aa8303d0e5cc334

  • SHA1

    a3f234917d98f45f2e099f2e3a4005e6acf71e13

  • SHA256

    9246d9910419409ac998f651db433e25e16f34e69f8e8b1db16c714ae5724708

  • SHA512

    10e84da158647a013b3ae2d993a3bf4280da8eaeda4c2dac3097c4646f5aabec5309053f636e2538034eec3ca3d79f3b64942157d9355a86178172ca4dd3cfaf

  • SSDEEP

    1536:zAHv7oGR4Kih3wWdVqdLzubO0yDjf0pMFAHtL:cHTXqKih3wW3qdLzubO0yDjf0pMFAHtL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\20654fd39386c2bd2aa8303d0e5cc334.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24
    Filesize

    889B

    MD5

    3e455215095192e1b75d379fb187298a

    SHA1

    b1bc968bd4f49d622aa89a81f2150152a41d829c

    SHA256

    ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99

    SHA512

    54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    08716db15dd45b359cdc616849f4b634

    SHA1

    13e076a89e510fda5844af01b2926d9aae8fcbed

    SHA256

    0295401fc03058b84f99ff92f05919aca35a3b5d081e6b4afad7bc90b87a519a

    SHA512

    7f53f6518deb06d153121aa03829ffccb9c0f8b00d116e1d648796ab787f3565c48d87127eccc9be028f3d1ffea080fb726f1aa877d75771f9d94ffd5f8a102f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84a9f4f09287b473c2da20dc5c9dabad

    SHA1

    b00a79d362b2592adddbce784be38c573bbb8b9f

    SHA256

    fbdb41b874c7d2ca199a54f79a65a7ec52df8c28bc32131776ac0c1826fee529

    SHA512

    9862ce89293a6e6f6d7be33510baabad15ca31857776698f024c7d2d66e7c3a96949a083c674fd2e2ec7e377021b4d0ae41ffd23f011ac35c44953d29c6c15cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3889a977b250784d62c479803b86d2dd

    SHA1

    033f85a21ff4da75bee12121a09516917436c956

    SHA256

    51ecdbc3a672cc499202a62f5650ff1383df7c17b35bb74e0cb6831d4939aa98

    SHA512

    e0c394ab9c936f0a9f5b1594a47957e572b1ddd77a5201772f4d748700111ca137252ecc882c2fb2614243acba2e9da1c93243b4fc3b465da1a97e6f7148cc08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    664aa0126581f7be8ee6fc49eb9c6bb6

    SHA1

    a8f34281e50c72637f640e842ea9ae97a8d088d8

    SHA256

    b636e9955796a30901a71682bc76d5938afe1c4b2b8ca0b632a1c1203c55fd52

    SHA512

    8d141fc7cdd6a999752770389cfdeb02d709f2a5392c668b65f7fd4faec8aacd7efdff93b532042c3ea44314569fb6cdd2a9540ceafe05487fcfbf567f6a332c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9be2d6a57374386a24c3eb657682336f

    SHA1

    e3efa5e760f87dc25357e3d9b4bd588c5d90c6b2

    SHA256

    edf2a90508c5a6b7b40c206c65bedc36340851e63c258cd2fe35caf5b4ca6245

    SHA512

    f4fa6a7f80c55a3d0b3dfb14eb882bb93bfb65257a793db3739bd7373a7ac99b953d28637308653df35082c5bf088cc987711cac1c6c070e2d457b5eb7036a3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    998491ad51363c2a83cb615a9cfea649

    SHA1

    b17cfcae9361509ab5b435bc555a9a209010d381

    SHA256

    08c669223195b1f5ebe29975394aee919ef8edc1edd90849ecac625afe28bc96

    SHA512

    efe4c633ce1ab74e020b2cf4013bee0d6b121eae3c5d94569f6578b37e8b0a064602aa56329b4cb59b39bc06dd5e15debe5ed44eca9c5c5be4c5e219e5cc5d94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    661be269a27350523de08d29b94c9f05

    SHA1

    79a35eab20aee70763e1ff7e1aa0710eb45cb832

    SHA256

    010ca01b9693f633d48635053c11a1c0727f83a9e6104225ca859d24b1af1a14

    SHA512

    56d8a3a79afc8d3d31e994a20e8c7f7e4d1f3019ea59f7a305284249e750d3df08b15af0c70a365cd19d5b60e24bdff6817fbeb793e38998a495fa67e4e45ee5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f34b29e517784c45e7dc76e0140c889

    SHA1

    69b0daa517cb6b8bdbae9ab4eb5a6fca0ed49be5

    SHA256

    c72f145d6ea5c7373f53d171a43d2e825f39ae43dd1671dba95cf207e4cac046

    SHA512

    2812be85373a40346aa1ad9006dd90fbfeb9f66094c3f64b701a6d2c212bc858dd1c1fb9ab286504f75026d4f73c81633c493ec6b7488ce2d42c98be61b5d7b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a97062f9a6acf8242615afaaaf2b4a43

    SHA1

    b8e2f03cfa6bf2fe56d9c3e4c33ef1740cf6e6b8

    SHA256

    6b2c9e4342ba5302692d4f173aacc25e267b38b2cd774622493ce74a3d27bfdb

    SHA512

    e1805a1d322dfb2bb97f2c28d036ec10df1cdeead7dff76669b64fcae8f8884f5ce189b1186ebabfe3a993c5dc39367c34fd3ffb27902899d8d50af6a86df2d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    75d0c55ec0e05102e4c3f57e2145f972

    SHA1

    40eb3546a8f5f2e5dc43128a01cb7101e81e555e

    SHA256

    769f926d1233e4938c74376aff72b34f6205f65486e739c4ded380e5de0829c8

    SHA512

    455a0415fbfc72230b18b66f9d0cab2b9775483d6538b9c00aef294cdab46a687e8e8003f913bdf41695f7323df2c329e88c2cbf9a9094dc57e7e1bf3883c9eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLOVMKRJ\cb=gapi[2].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAFE.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit