Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

taoaisi/Conn.vbs

windows7-x64

1

taoaisi/Conn.vbs

windows10-2004-x64

1

taoaisi/ad...ut.htm

windows7-x64

1

taoaisi/ad...ut.htm

windows10-2004-x64

1

taoaisi/ad...ot.htm

windows7-x64

1

taoaisi/ad...ot.htm

windows10-2004-x64

1

taoaisi/ad...ce.htm

windows7-x64

1

taoaisi/ad...ce.htm

windows10-2004-x64

1

taoaisi/ad...ce.htm

windows7-x64

1

taoaisi/ad...ce.htm

windows10-2004-x64

1

taoaisi/ad...wf.htm

windows7-x64

1

taoaisi/ad...wf.htm

windows10-2004-x64

1

taoaisi/ad...dit.js

windows7-x64

1

taoaisi/ad...dit.js

windows10-2004-x64

1

taoaisi/ad...up.vbs

windows7-x64

1

taoaisi/ad...up.vbs

windows10-2004-x64

1

taoaisi/ad...ss.vbs

windows7-x64

1

taoaisi/ad...ss.vbs

windows10-2004-x64

1

taoaisi/ad...nn.vbs

windows7-x64

1

taoaisi/ad...nn.vbs

windows10-2004-x64

1

taoaisi/ad...es.vbs

windows7-x64

1

taoaisi/ad...es.vbs

windows10-2004-x64

1

taoaisi/ad...ex.asp

windows7-x64

3

taoaisi/ad...ex.asp

windows10-2004-x64

3

taoaisi/ad...tch.js

windows7-x64

1

taoaisi/ad...tch.js

windows10-2004-x64

1

taoaisi/ad...n.html

windows7-x64

1

taoaisi/ad...n.html

windows10-2004-x64

1

taoaisi/ad...ut.vbs

windows7-x64

1

taoaisi/ad...ut.vbs

windows10-2004-x64

1

taoaisi/ad...02.vbs

windows7-x64

1

taoaisi/ad...02.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 12:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    taoaisi/admin/SDEdit/HtmPop/face.htm

  • Size

    2KB

  • MD5

    3f1d336f7c1379c0fccd8af9cafcc15b

  • SHA1

    09f1c02e1b3a340071a65499690fc0bbc4bc511d

  • SHA256

    5066a47e9ca0b21c980c42a603667d30dbcc0695fc9b42575a9482086e2d0509

  • SHA512

    928b5ed169cbbbed85b36c57c3f24cbe860139b5b7f2b20b8b82a31f049fac320cf7345751782b853942e8b7f262cabfce4f8e4d1361cbd95662e9851f10ee84

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\taoaisi\admin\SDEdit\HtmPop\face.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    587965625a5d2ff0ec7224b228e24a45

    SHA1

    34cf14d44127970cd9f1193b751fc028f135a9b0

    SHA256

    462b9f9f92a1f56f116450efc80464ba0b643920c1f2240eae9118ce925236e1

    SHA512

    4eded956336c33c2b356db996aff42b9b896ccb043fbaaca337f53296fb53cbc133924a5579f8aea8b99b99cf911d6f964c807beb156aee6748cc715e013ac4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    862a093e833127930b9e23952afcb1c5

    SHA1

    3e9a04ca32087bb83ad12c69626ab5dc3977ed40

    SHA256

    e7b9405a0fde4f54fe43952e05ca87105c3b6a5d8093e863f519ce0bd2a1367a

    SHA512

    b15c6d798c1ce03798ee61da2c90acf4f088e159a536275b5c533d4f6ed52ebde16873e35cdd33f4a4ad4815a4fe685006b20d02f3cae122e39f34fe2b9d48f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1aa8d3a7d4152e3733ef44cfd65a18d1

    SHA1

    31d5fa056046440d3916584720549254611b5d54

    SHA256

    2eb0ac9ef3ff3922095b8d0d6e99c979e84e246ab31b367b2ee9fc47e70d3f4a

    SHA512

    3b646c461f644a7f97a4a07db96c90e53e2f5aee434341313b87f72878f7c43f87eeb9a51d20bda3459e652acc7e3c22acfc5717d8f8aa9affa5a7f3a0170bbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    daa7371d8ae8cf4407a8803286411d5f

    SHA1

    5742e89e7168ebeaa6a712256ec711af8a6f292a

    SHA256

    4e8e1a9b7bb0e8d54c742e18e2c18ca3c152d6a41ac01b8af303046c965ea1fe

    SHA512

    428445381fdaeaf1eb75d78882b495d0d45e57286d33d7f4dde43fcd7b2b3852afae552a102c9fb115a7a6987ba2df02e37002e298be5ce05d923e984a2fe68e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8ccb0999b59b92f38ebee0d798386b5

    SHA1

    c095af801f1d0753f72c34ee0e0b3a94096b69e9

    SHA256

    e538fae332b85f656fcb792558e42b673b9082111cd92b47f69628de9e56678b

    SHA512

    44993cbfdfb76fbf7d5ed8bda228a465b892823355fd7cbc2acec46a7093c35da2f0a668eb6f599b6478607cd6e4ef2802a1cce64209c07aa76ccff5af372f38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ea40184b6d97fa8edf5d6a63cfe327b

    SHA1

    234ca91b8f67dd1fdeba6e929d48ce81551f46f3

    SHA256

    2584810dca92fdd4937d275428f36d4e93c2fd4bd6847815a96eda49a8b8221e

    SHA512

    9b8e9f47b5433f61a9c95d330c27db77c045e5e3de7ed5036238686b9ca1b8682680cd5df3e1dfd730613b9fccd3851d52e5bb01aff2c4c17f8792eb2c116d2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    79f975f2e5689974fdbf049707ddf3d6

    SHA1

    10dde812fcf91d930e5e81dff3df1c1cff1d1e51

    SHA256

    f17253b43a40b7710376062bf4ec8fa64ed7e9eba714900b0fd7a6361aad90b4

    SHA512

    1e9321114109c032807614ad584698d623dcc7b697e4cb74a88e5ec206bcefe61066ff6fbbd573b960343bac5333ec4e59289cb99ee99db980eec9a628893996

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab39C9.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E1F.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit