Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

taoaisi/Conn.vbs

windows7-x64

1

taoaisi/Conn.vbs

windows10-2004-x64

1

taoaisi/ad...ut.htm

windows7-x64

1

taoaisi/ad...ut.htm

windows10-2004-x64

1

taoaisi/ad...ot.htm

windows7-x64

1

taoaisi/ad...ot.htm

windows10-2004-x64

1

taoaisi/ad...ce.htm

windows7-x64

1

taoaisi/ad...ce.htm

windows10-2004-x64

1

taoaisi/ad...ce.htm

windows7-x64

1

taoaisi/ad...ce.htm

windows10-2004-x64

1

taoaisi/ad...wf.htm

windows7-x64

1

taoaisi/ad...wf.htm

windows10-2004-x64

1

taoaisi/ad...dit.js

windows7-x64

1

taoaisi/ad...dit.js

windows10-2004-x64

1

taoaisi/ad...up.vbs

windows7-x64

1

taoaisi/ad...up.vbs

windows10-2004-x64

1

taoaisi/ad...ss.vbs

windows7-x64

1

taoaisi/ad...ss.vbs

windows10-2004-x64

1

taoaisi/ad...nn.vbs

windows7-x64

1

taoaisi/ad...nn.vbs

windows10-2004-x64

1

taoaisi/ad...es.vbs

windows7-x64

1

taoaisi/ad...es.vbs

windows10-2004-x64

1

taoaisi/ad...ex.asp

windows7-x64

3

taoaisi/ad...ex.asp

windows10-2004-x64

3

taoaisi/ad...tch.js

windows7-x64

1

taoaisi/ad...tch.js

windows10-2004-x64

1

taoaisi/ad...n.html

windows7-x64

1

taoaisi/ad...n.html

windows10-2004-x64

1

taoaisi/ad...ut.vbs

windows7-x64

1

taoaisi/ad...ut.vbs

windows10-2004-x64

1

taoaisi/ad...02.vbs

windows7-x64

1

taoaisi/ad...02.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    180s
  • max time network
    217s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 12:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    taoaisi/admin/SDEdit/HtmPop/emot.htm

  • Size

    2KB

  • MD5

    59d14eea4eebaf265680c8c2f3ad77c5

  • SHA1

    13a2cb16a6628ba9bb591c55bc87abf2efc2ea89

  • SHA256

    992e2ff65f51a932658b961137f87a69b9805b52ad679edebaaaddbc616820c3

  • SHA512

    606d57a89b2b2140d86c722ca19e301223f38cc9f333a1ed499ff9202ffd6e70084508f86bc4802d5e1fba8bd1e754d73d2205f67b9f8230f901a34025f47cc2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\taoaisi\admin\SDEdit\HtmPop\emot.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:596
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:596 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54b62fbe60b7ea9baad061c6abcb9d8a

    SHA1

    1d0d12008538d97cb7fcf301ab5c4ebf6ecc5e77

    SHA256

    0533ea9d86a2562b46d42f4d747859a4025c23575040fb1d0bfa68f80c13ec61

    SHA512

    39432feb79f27ef9b6c1381c09fa481a67cd61328f4d5f6b9f0dbf947fb651489f85a5f66c0b0c073629f5cb8966cd2d377d350827a0ee365d48abc6ecb53e4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c811b9e7488f1022af8bf3655fc2b39b

    SHA1

    34f9f6843725296e771c4b92b94ee1d2133cdab5

    SHA256

    10b772956fc315f2fcc67679ac14ed7c768506ef00cfebc41be3f84beec70baf

    SHA512

    682e9e4691459d163be0bf3e0f6804bf500aac0aae9d2a01db7d63bd4d2f150326204cbe51a1b09d1ab1d266b455a447ea98936a723652267ec88f39f0d774a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f271f8e671ffc81933fafa99be55677a

    SHA1

    f0359ce83667f616501323d2f4f508fa9bca22b8

    SHA256

    f47e507ceaf42206270d5cdae8ec9c284425573069c79eb2675f98142f105936

    SHA512

    9adf1cc6fed92483f8877daa0b31b56380963c6e9e9877fbc2fcfe5b2dbc3f428e086defe7c87d4d5f495b945359f9dd7566a8e89fb9405525bc0514683babc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95143b377141bfba997feb78ae417216

    SHA1

    3d2ccde8d97682fb1b8b34787baedae611b7d79f

    SHA256

    8aa6a06fb93a6069f42c58290dd86120cdcff474c0f0d291cfea5dfef4c0ff1a

    SHA512

    076cb9d7cfcd01904a21caae4a9973360118e40f4f0e254bce6bc51817e4cf7ab99a20d5352b681636a8593ae8cf2478afa3b7ceacd29b6b91175c1f40cae0ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c276306325e377ff4b71ac0c87d5ea82

    SHA1

    2a0599f14230b189ae8dfea6453ae7712a576534

    SHA256

    f7dffb9270a798cd6b7b2f6a0a00c2f9cbf21af5dc93b1267394349ccf61c8ea

    SHA512

    ddaf705ff3c1660a67dd744b982cebbfac51e336e799011f8403a1bbc563a5d03628a2bd2d64ca68c8a9b863f7b457d5a07b995e184c2de75808570f790ebd15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    150fc1faee72262d41aa314b40a60b3c

    SHA1

    bd42ad3f1b368eb826765f7cc053aab9baa0d3de

    SHA256

    47e1f46d4408e092d99a8a64b5cb80573ef583c7c4c8bde87e0f713d04a92c95

    SHA512

    d09f4e1eed78b5351b6a587d5f53df622853356162b8f3edadec35fd1cf594c4f0c1abac80d42400f53db7f3b166e4c0aad5a4c49b387ec32a3c539ef1ba1c2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b31ff0068c1c1fd3f2b54cc2d5325aa1

    SHA1

    794c4ab1404f5e4cfaca20dd479488f23a542706

    SHA256

    e737e1e073b66be2ea8eb8492717661dfeb6ff0b2f7bcb49ac91dfa6c2ccd4ca

    SHA512

    dc37a37e099589495595a953482676e77869bf2bd36d255e608325d4378bc13d94a494e3e1c337bc538e411d51658c3fb31f4032c5ade36052a0ea7b3e538ad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c14a30a80021c89633689d14c850f10

    SHA1

    8ff8cb32046ee965a046bfc9449d23aafb3a810f

    SHA256

    7bc6f4e309b9a98f6ea414665fffa1a26c4cda4e77c1f455f85a4dfe3c1de609

    SHA512

    9637c43a965e5435f016799a1efb3a714eac2347030e48285598778852d2d592ee2375850104e833d1f21f506273d2df9806b505b37fb2c5d791f84d2d623ed2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f32700c01b3d444e8146d05db8647a1c

    SHA1

    b77f339cddc84453b90d15926150031ecde78e90

    SHA256

    de1ef8db5f1c92f28f5ca56ddfdd1cd742d94c70abb8bddf03bd879bf30a4159

    SHA512

    4d31a945d553d8f92bf9da822aac415eba245ae847bb35d3bd9b7bdd745f318ca99923c7fa86b1ec9e6ff6f7c73c3077019b9acaad5677ba437884a720335322

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63beadc50f7c2264c18381372b7f0b56

    SHA1

    5f9a930a44e42fec86d0e89e966da9cf4e1e4348

    SHA256

    a37820ae9121b2a0410d5709d9e32eb7ccdcfe9f434903083edf6a2a88dccd86

    SHA512

    61a34567cae884c969b177274305aeb4563d0a19212d19cb06e94825fd5e07d25b9f0b1ba03dce94058f0a5a11cf0e9640f936a6e5450c2fb44d0be5545a0af8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3bf43e89bae2d9f018fe70314e65b0e4

    SHA1

    ebe92549efad66f58d085e1941899bf8756e7729

    SHA256

    02d5d9ad4fa46fea8b179627890c087dbbd7c5584dff18c8482906a576c3b2f5

    SHA512

    6cbc62a09d193a1782b0a548aef7e05b7cdf83d215d1dd742275b5c6c7dfd1c73f6f10fd4353ab1ba7e3e99d2c1df75061830a1d3a4f3f0c5bc218e4348c10d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    730f07912cf2fd7a9c822d785f9f2833

    SHA1

    3faf33bdb2882193d688b9ddf9d654e8b2a4b88d

    SHA256

    e582c3e421913e474f224ef75bb740ad9a26f27cba3c0a5ec27b65a93bca236e

    SHA512

    ceb32cc81525adc3c5cfb3ff66108bb5facfac828ec3744900531cbf96fbf36d2016b69b25903664a150ef66f46ea92155a66911cfafeca0a1bfb008a1a61658

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5EF.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD475.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit