Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Cool.exe

windows7-x64

1

Cool.exe

windows10-2004-x64

1

程序太�...et.exe

windows7-x64

1

程序太�...et.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    程序太平洋dapha.net.exe

  • Size

    24KB

  • MD5

    a2b0dd7a490c19aca773579858a8d460

  • SHA1

    e39a91ebfddfe0bfa34147eb976a53c013cd39e9

  • SHA256

    9e39a64ddf585f6ace211eb5cdbf43318faee82429479390eb6cb900c53caf6e

  • SHA512

    9f74a23472f215ee6305cbad95cd39cdc617f0ee4fdfd29e95774fd5934eca8030aa288670ba8a6bf2c5bcd28885d27138b8752f07fdaff62349165c5fcec7e7

  • SSDEEP

    96:/lx8Q/KUtRmNuOtJyg4DAfNBmVwq4ehCGsHDhRaeZXSKJEHOtJyg4DAfJtRmN:/TX/bmBKDArQwq3h2CIEuKDAJm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\程序太平洋dapha.net.exe
    "C:\Users\Admin\AppData\Local\Temp\程序太平洋dapha.net.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Windows\SysWOW64\explorer.exe
      explorer.exe http://www.dapha.net/vb
      2⤵
        PID:1744
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2220
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.dapha.net/vb
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2168
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2452

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5dfa1e37dd1a4338f5baa7876bc56997

      SHA1

      95ef46875a77069fa657034983b45e62ee7d77c8

      SHA256

      ac18dc0ea3bfd5ab4c08f3684252d66f795e4df0f3d32251851af68edde36536

      SHA512

      2172cdffb626cd75412538be609fdcdf75ba9a816848749fb4eb0d60c25d118230a33909b8987462ac7e0ae5a3b80ea71850de0416383ea9cea17cb214c74679

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      f259ed51309eb1bad02ea87041b24cca

      SHA1

      1dca545f85f0a7a3f83bb2ab2cf9cceb88a6503a

      SHA256

      f10aa6d08bfd3c5cc4b5d7379da9c34dab3da1eac131658daef5827022b79bc7

      SHA512

      3f313c40950c632a99fe3b70fd1c9be8f4097517fc6a6555897bf0b016b12d96d38439246e268d3f23f8e745c0a19c7022a0ad140579e0964a1f2ff7985934a0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      a42e3aee18151de7de1fdf7bd1dbe8f4

      SHA1

      e0a6f88057a3096883ebbbe0b22c353d66b967da

      SHA256

      182390e03f57d1e385d59ceec1a22a544ad8ee33d108d0ed0283a31fea254997

      SHA512

      13e9cde3f12e9d0b24714c731203e281185331c5ee8aba3d36c15a1577a3a68f304a8813a20a96a157f01cd2e4b129f31af18da2edfb260ec3f1f72268551809

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4e278435c92bd2b50d341ac4b753f693

      SHA1

      53afdf17dff4c07bc2f212905d10f13af311e952

      SHA256

      faf044b72ead107fa751447bded9ce25caa2f44b2658f20c8601aae366e12864

      SHA512

      00a3d822467d796333066fb938bd402ce11131c39e5ff70c691b4b9052adacd695354abb25bec2b55265b33c15b5a7730d2d82c6359b84f8ad997ca7d396614f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      256326e81c80c4b8352f0004170a2e36

      SHA1

      dae449692ab47b9ea44278f16a833d847fef239d

      SHA256

      8e9cd54e0a7fba7d82a2894a476223da17b777be565c43c1845b9021b63faa93

      SHA512

      18011c5687f3f4e3ce2b12d906447cf3c7ffbf4573351d064fcb5953a10e227ed5f2365f821d22017a8dd91f45f03b2112a89483d0f62b5d5a3cb3488458aabe

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      17cff28c48e07e06c368ba92e9ef8004

      SHA1

      41def8c12e584e557ce50b8e32dce8188fd562a4

      SHA256

      e95637580dd2952fff21d392c35a9a01a890ce42747db66c687480c66c9740a2

      SHA512

      554e171a00293cc7c1b3225baaa741abd41d33bcecd865b12e9ce48204a7c7956e335e70a92281dd6115b868d6a55e1207efadc04295fd98a1cf2096ea3d2c44

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      d3a9fc77a6dcfc70d13c3a7339547ef2

      SHA1

      f6359d57a05eb34024446eb1185f2676e38fe313

      SHA256

      43a6d53aedf9d82fe3a70b714c02a61e490d66fb0587e0950d8fbc845908eea6

      SHA512

      884cf9e4e9a37e5235541e3421764af1bc171d57e4e9afd9fa503b68d4a0535f4af91af4a1c7e4b6a137e960c2de6c44912c8cbca5fc780d12fe224d752da4ad

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      27effa50860145f116203c159d142c2a

      SHA1

      2e277c6252a8279235ddcfefc1987fce2f4dfdb1

      SHA256

      796ca5f2a59691cfef17cbbc9941a39e55c7531a3706c8e5daf113b32d774ce5

      SHA512

      a74a66f0c17c1bca27f70daa595efc3b0322129a2c994fdeccf0ea641ccb8dc675d1a0af39edd08121ddcbea8de1a42fe3fa5919cb275d9695b33260c446a95b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9891c71e5b2d28ce64e59fd010e078f5

      SHA1

      ce70d235b8dfa47d9d6156c761da612ceb7c9bf7

      SHA256

      185a9b1849b1920efe9163fe603c5c2b9006fe5125c37b6a9b0d09ecbe0a22e5

      SHA512

      1cb8e3551c24c8e12a5000bc42c83f685589203f0140378eda350180a0851740f9536d4cd71424644514dacf2dc8c4abde415e1d808c68728fa97562c186abab

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      604ba03815f5e80cb133202dab00320b

      SHA1

      c7cb34c7cc7d698e46f3f961b038bdab35e03bae

      SHA256

      faaf5fda643f81e7e9eccfad02b8e80ccabecf04c1d8f6237daf68a971d2fb33

      SHA512

      605df06b59138a4d07cddc8660215bcfd0e4a24b40d7254d854e597742e90858f065f5ee100dde00c3ad784aee0af1f86a90b529c89cf9704174e26f724b5d0a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      32c9cc6e6f223c02d1025dcbd587ac8b

      SHA1

      dd43613fe54bc91d346d4ef3855fb9697d9435c3

      SHA256

      f06afff2e721a392404ca811f855d37dac4b27f23cdbf8c54f045e1b59e82b37

      SHA512

      4861308740f46b839dd708d03dc878436c637cdec997291f99a0fa8f5b4e2c47dfef3e03dadb4267ca08c1abcaf508aad2dfd47913c96066702a5cb9cea8d7d6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      d9b939e5c0f6eefc5bd6177782863427

      SHA1

      9df51869857d2b89f21c14a0e490d0b16c8b6c42

      SHA256

      d444bf883745b2384da9fb1417d7cdb12ff545915395ee9a89af40278f78f3aa

      SHA512

      93a8113c4a7236f486f8762e8081c1fafc2d4c4104ef36aeeff762c14c443835154c867d6d28d9c14288bb8577c363a9446050432c022395c9f2180673379d58

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      224c4195ca3504922c3c225899a13f7e

      SHA1

      36e6ada934c12b4410d313132d72b9ca4e6ae9d8

      SHA256

      369c1c0c9339639eb0a40cc335e6f18d2e801071035a205e6c33cd1e53251751

      SHA512

      35d19b1a5b6bc9fb75687d8460a562d0189417d294f7719287241b09425b12e10c05f86842eddd4f61e4bfd7ca12cbee8b95f4d0171594857fa8a4cdb4c6acab

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      a06d92547ab274fad5c66ae1a05d6381

      SHA1

      55d0481fbcbd6d05f2578465bafdcd31f878d00b

      SHA256

      684e9215cbd2a574933c5036857ababa5eb4ca3bc945b9c308da79ed7f47186f

      SHA512

      4d4b703af2b278352e59e28b8c7c2277dd03e5ad3ab30f9428f1395fc3906afadbcd006dcc1839e16a64b6cb94297e4598f99cf1b72ca9ed98ccb6323929489a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ca81d5d82f504f299a480110d46accdb

      SHA1

      d307b80e228d4acdac65fed96305c3a4be3b0e87

      SHA256

      4bbe177a2706273057009e50c057db33c4fdfad9f06e0040d9eed0968816057a

      SHA512

      104741a0285bdc8734442c3b31ebf229eda18857a829254289b66af04a18713a960102dd90d0d580f4f9d231a4621ff406af565b8453f55339c32fa4592c69cb

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      cdf2538709a1385c127bab2dd93f029d

      SHA1

      8d853604c8d61a240633e398de73ec7d6e40fdae

      SHA256

      7ea29b550a0ec9d20a69dba5cc1c8624b89e6191096c66c6b776db112b7cc4b0

      SHA512

      ce8783e57c0687e9187c7fe0a355279dd25884a499545fe90ec99831b43a6ed9e19a95a79754e12976e2eee8aaa866f65f5454b93911c5666638574fae900b29

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5084a159408d81059448122d41d51f0b

      SHA1

      4805def2c6ce423e8691c804a10b2b8a6151a4c7

      SHA256

      db03951a21227de5e7e99c437f4cd2c84ccea6b8ba397b6d88ef73ff5ce80c38

      SHA512

      c1dab1594152331b8a276bf30c34a21ed6cb1d4bd6364e2606c710d50d505ae914f8773cb8b67c09f1b075b921e055078fd4baefc18b9622133e92ff23fe1b55

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabB751.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarB81F.tmp
      Filesize

      171KB

      MD5

      9c0c641c06238516f27941aa1166d427

      SHA1

      64cd549fb8cf014fcd9312aa7a5b023847b6c977

      SHA256

      4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

      SHA512

      936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

      Download Submit