Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

094348446f...52.exe

windows7-x64

7

094348446f...52.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    182s
  • max time network
    219s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 00:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    094348446fad0262203ff0bb16da2752.exe

  • Size

    13KB

  • MD5

    094348446fad0262203ff0bb16da2752

  • SHA1

    c6d8abb4b136920c67d3843d4a64625922299e55

  • SHA256

    778be93c9aca8686e18c738c54f364fb05039d7599f1bac5249f64da46578b00

  • SHA512

    70ae28257590d497745def201ac529cc99d9597e63802e9f35c02bd840f23d932da16ce8b51ca2b9310348f8ab36d15ad0e60f0c46c9750349934562902994c1

  • SSDEEP

    192:LFOeihIRV2lwv7E6fPlKr9ZCspE+TMwrRmK+vhOrKZ:TRVp7NfPFeM4mtZ

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\094348446fad0262203ff0bb16da2752.exe
    "C:\Users\Admin\AppData\Local\Temp\094348446fad0262203ff0bb16da2752.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=43
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1624
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1624 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    468a132f1b2eda90ad1797f4b5122eac

    SHA1

    43a3b62ef04fda0bc9ee6852ec073ac6e47d9d4c

    SHA256

    f87f85600f7bfcd2ed6ee74cf461995ed46dfcef866c6f27834342e5e6f84d2a

    SHA512

    03efa4fb51db7d3e461133974eee0185ee4d971af7ac8d3c765d0824c3955b1059769c93ffb2b5caa5ac00e042a742979ee8589c0c625cdb41ae955be8372797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0cadb3af5d2539073839b21ae35cbd5

    SHA1

    3c1aa3bd0d7e7cc305b2c4d0ce12b20acfb7d566

    SHA256

    351289e3540563133370c97a67568d4ee289cf1c85e07ca3d5cfe30179006fb1

    SHA512

    2b86d83bb8688ce97f318805479f488650d7b870afc88aa1f515232e1c1a56e18c106d155915e29f94981303429b56a940037cceda0e3713a5f25d0ad7347d6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    595589a7b0fd5c7733af09e5df530f0a

    SHA1

    f10983f66a2ce4055804abbcc1265a3d498b4110

    SHA256

    d66c53b6dc92005efd37eb0aefed50e4be420ad8bddf11fe7f7fbd9b567cd666

    SHA512

    baee30c231cb4965f24a74596a971462a2dea569e43f6039fda0fe11e9f140d3815b00bc0900a27438962a9933a8c3935b61c30a0e7f614a8143b80ebe94b257

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f229ebc17fb59078706a85b03c2aea0f

    SHA1

    aa1009c3b6d9479e6792d5ae4ad9da13546849f8

    SHA256

    c3bbe4669ba121309583ae5438857a1728d397940b44b4584475b45b75ebab0b

    SHA512

    e67498038ea9970cc8ee9cc2df462b12e42da39dcf1c21babc64423f3650a5a1258119106fe9455382d7df1653002896350c959b62b003f45d0e2a736a6873d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    703d7cdc5734f589f4fe69d1eab559e8

    SHA1

    b228722acfed4faba20753d78b380279f4ea1930

    SHA256

    58b20f79f00c8c83e01064ca4a27b6fb8354531f39ab9b40198f02749aca4d6a

    SHA512

    2f8e88368196f2b1bca7fad34993c0347ab97ca2e124c3a7f58db208b6596fb1d67edeb4992d1f29d5aa99d6df74fba04538fc27bc7859ee03fcef491704612b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b93759036d41c0e08f49f01ac1554dd

    SHA1

    1c53f21c3ad0f9ca603fa37e7b0562ed5bcb14b8

    SHA256

    25f2fbedbed4257ddc275ec8de2acadb2e5fb05f93156d98a5ccb3d4bc818fbf

    SHA512

    fc31f8c89e3904091863118aef1e22081cf2c5650ec20d59d3f341eb24f352a68d725c527676ba0ab66635acff37fcb751484563bce95880f0e38efc63fd550d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d96a790820d3a55313580cc1257a5914

    SHA1

    f0bfeeea7c6674ebce89e0de335935e35af9f2c4

    SHA256

    f48cc80855a59becf7ccd83fe848b86a27b1c3d6a6502176b2a137508258685a

    SHA512

    164d330bb459f4d86fbd122ad4006e06f42bf0e6bbab26b86514655a1d29af9a48ae393a958fefb79ae2c1ef7ec8efa95a6ba680ffc0bb2205afa181405c2e2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    848639c492bcbc96b5200fce380d289a

    SHA1

    9ac3ea8a46235a02d8d48778669d6c99dd0041d7

    SHA256

    55b6c023052df51170374f5dd9e761872d7e497323c94ef78422ad6fd7139bd0

    SHA512

    f2a2b1e52dacee0f851b72fa903e119d93e89728bcadbf662222171c2c0b642e9a0745df09c41ea733ae0fa3c635ebe14384d71834afa8ae268fdf69a2b99513

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d139384c29f87afbd0329efff89126c

    SHA1

    344a1771720df7898e3e6a0fb11998f0147e297f

    SHA256

    5d0385f26c43c68ce00c0c0a8a5c7facd56cfcb983440aacc03f188aaf52365f

    SHA512

    9d1e5f4b4a0ed5ccd5f8556729a597909668bce5cc1d920887fba6822b528a5fdd3e27ca05069c15ca80076c5c00f75b8e50bad4df7387af6e0298aeb0da5a73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9225c885a23025ff76386c4abbc8f94

    SHA1

    61849d08a0ef3b37ed71e9bbe7aec7935248cd1d

    SHA256

    56fe6bfd064574ecebca9ce5d6f5ae3e2ee336a88a479ee802f3085efb761459

    SHA512

    ca9f7422c3e1328804f0c8df3e544848f6f40f1cec93538b0e1808099eb8d3ae7019d35a74dbc1e3968a4826b0ead4171cbe03760e68b50f86084a05316be0bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ab97cde0e49f6b8281a96d1b59ae715

    SHA1

    fae764b92f79c91b90a806ee08eb182fa4c6e402

    SHA256

    e9740e3278666a71abaa2cd30ed105045c615c075a7066766439f84de147b614

    SHA512

    061e0cd0d4a7a8c36bc76124f67493f7ccb5345ab4eefa3595182053970f5c7322ef94f40df772793322f02b557e248d5b07fa38938bd2a0bd20af0278867c77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64cae8b723e835e6049d9cf53f712865

    SHA1

    44a6ad0ddaf8b839f9089fb9ef4ea740d22613bf

    SHA256

    d38c1d207bb0b12ee9dddf2433e8869aab7fa11957ac0d0f2aa32aa88a1d6b3e

    SHA512

    ed356402b91a393100074a8244bbd11ef56911281d56fc3d22022b3ce6db3498eb31cd8c6dd65fee540ffaaa0826c1acd90f192663ed6719e5020873efcbfade

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ecec5f57419ea363fcaa2a136153b97

    SHA1

    a49b0b9a542348534eaa253be2ed43effc416e0f

    SHA256

    fc2a7fb1fbd5a719c1cdf0f80d0fe51e4ca12509ea1f56bca8035c5f9eb4d352

    SHA512

    bf725b764e07455b5cc7544e6575f652f85ac83d92c84644030e13be24e43e817cd73e825eb1e2f67da71bb26d61707736014db39d962afe9ab513f63c5ab05b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    485426abb544c6cafa2489c4f968982d

    SHA1

    87007ecd6c878ee340fc2382fbdf24665a1b1311

    SHA256

    4e7a60c05a7e87d8d208355eb6d7b5ba694ff71fc35a5592e96d54355aa116b6

    SHA512

    d80eb3d332c4cf758def50ff5d9a247c1874a23a773fb534b7fff28300d9aa260b1e927cd3b0dc55910da42f9872ad5da41f61b5b6ceea4e9e9e38c79c837a92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dc9e6991019ee4667900c1deded4edd

    SHA1

    e697f5fe11f37444a85e40e30b3f3d23788cf33d

    SHA256

    ebfde0e2779f85737bbbacafbad48f46cc2ee94be944843ea73a1c59fea886d9

    SHA512

    1c0dee9c6f7741563b0692a1d0fff29ce7907cb8240049e68c1a5b341d328583c0ee9c8a521b02cde40c2be921bf971511ba45f0d9dc8f2cc283805c20cc2c2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a2668b160d86a7d3435d1597ea72f85

    SHA1

    ada839dbd80ca7c754b0c9557c35c6c1d3d8f84f

    SHA256

    29d2678407038801acc2915af4e11311bc74fff6dafd74b3ec2bcbaaa406f3ca

    SHA512

    5bd02a32527c0b18749b16cd2f6a43acb702d35a2d20888d2f4815b7c5cea7f3374868a628ea48a4872ad0d81a6cf0ebaff9515ad9abcccd7deee5d528013575

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA594.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB2E1.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2024-4-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2024-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2024-2-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2024-3-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download