Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel: 155s
  • max time network: 134s
  • platform: windows7_x64
  • resource: win7-20231215-en
  • resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted: 31/12/2023, 04:32

General

  • Target: 284aefd07e87dfb016d71d9cb494fa96.exe
  • Size: 13KB
  • MD5: 284aefd07e87dfb016d71d9cb494fa96
  • SHA1: c627e058da2a4486abd9179dedafd4cb8dbdb5ad
  • SHA256: 2212fdf2e7374dc0fd48be78b4b1aae202249353332894bd6f0258781aee34aa
  • SHA512: 6164a4193a3146aafa48174675a1259407910162feb20eec5a7f5f8cb965c52172884c28aaa6bd1782b938ded931d20c8b537829ae809a97b4cb5f45eac36808
  • SSDEEP: 192:+S4gbgkAN4SJj+bfrJsUwv7E6sGWaUFu7Br9ZCspE+TMIr3/bjOg+vtwJrJN:+S4uI44aJ+7NsAELeME/bjl

Score: 7/10 (tag: upx)

Malware Config

Signatures

  • UPX packed file (2 IoCs)
    Detects executables packed with UPX or a modified UPX open-source packer. Packing is not malicious in itself, but a 13KB packed launcher whose only visible job is to open a browser should be unpacked before static analysis: try upx -d first, and if a modified header makes the tool refuse, work from the runtime memory dumps of the 0x400000-0x408000 image range listed under Downloads.
  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
    The 36 matching events are not reproduced in this export. In the process tree below this signature fires on the two iexplore.exe processes (PIDs 2436 and 2304), not on the sample (PID 2776).
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (7 IoCs)
  • Suspicious use of WriteProcessMemory (8 IoCs)

The three API-use heuristics also fire on the Internet Explorer processes, which are legitimate browser processes, so by themselves they do not separate the sample from the browser it spawned. The clearest behavioural indicator in this run is the sample launching Internet Explorer straight to http://ads.eorezo.com/cgi-bin/advert/getads?did=43, an ad-serving domain used by the EoRezo adware family.
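The UPX signature above is the first thing to confirm by hand before spending time on the behavioural data. The following script is an added example written for this page, not Triage's own detection code: it parses the PE section table with the standard library only, reports the indicators UPX leaves behind (UPX-named sections, a first section that reserves memory but carries no file data, the "UPX!" magic, high section entropy), and checks a file's digests against the MD5/SHA256 values in the report above. Because the sample itself is not shipped with the page, the script builds a constructed PE32 skeleton laid out the way UPX lays out its output; the hypothetical section sizes, offsets and characteristics flags in build_constructed_upx_pe are assumptions, not values from the real file.

```python
"""Added static-triage helpers: PE section parsing, UPX indicators and digest
checks. Stdlib only; a constructed UPX-style PE is built inline for offline use."""
import hashlib
import math
import struct

SECTION_FMT = "<8sIIIIIIHHI"            # IMAGE_SECTION_HEADER, 40 bytes
SECTION_SIZE = struct.calcsize(SECTION_FMT)

# Digests copied from the report's General section.
REPORTED = {
    "md5": "284aefd07e87dfb016d71d9cb494fa96",
    "sha256": "2212fdf2e7374dc0fd48be78b4b1aae202249353332894bd6f0258781aee34aa",
}


def parse_sections(data: bytes) -> list:
    """Return the section table as dicts; ValueError if the headers are malformed."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    nsect = struct.unpack_from("<H", data, coff + 2)[0]        # NumberOfSections
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]    # SizeOfOptionalHeader
    table = coff + 20 + opt_size
    sections = []
    for i in range(nsect):
        off = table + i * SECTION_SIZE
        if off + SECTION_SIZE > len(data):
            raise ValueError("section table truncated")
        name, vsize, vaddr, rsize, rptr, _, _, _, _, flags = struct.unpack_from(SECTION_FMT, data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "virtual_address": vaddr,
                         "raw_size": rsize, "raw_ptr": rptr, "flags": flags})
    return sections


def shannon_entropy(blob: bytes) -> float:
    """Bits per byte: packed or encrypted data sits near 8.0, plain x86 code lower."""
    if not blob:
        return 0.0
    n = len(blob)
    counts = [0] * 256
    for b in blob:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def section_entropies(data: bytes) -> dict:
    """Entropy of each section's on-disk bytes (a section with no raw data scores 0.0)."""
    return {s["name"]: shannon_entropy(data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]])
            for s in parse_sections(data)}


def upx_indicators(data: bytes) -> list:
    """Heuristics, not proof: a benign PE can match any one of these by accident."""
    sections = parse_sections(data)
    names = [s["name"] for s in sections]
    hits = []
    if any(n.startswith("UPX") for n in names):
        hits.append("UPX-named sections: " + ", ".join(names))
    if sections and sections[0]["raw_size"] == 0 and sections[0]["virtual_size"] > 0:
        hits.append("first section has no raw data but reserves memory (unpack target)")
    if b"UPX!" in data:
        hits.append("'UPX!' magic present")
    hot = [n for n, e in section_entropies(data).items() if e > 7.0]
    if hot:
        hits.append("high-entropy sections: " + ", ".join(hot))
    return hits


def digests(data: bytes) -> dict:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, reported: dict = REPORTED) -> bool:
    """True only if every digest the report lists agrees with the bytes given."""
    got = digests(data)
    return all(got[alg] == value for alg, value in reported.items())


def build_constructed_upx_pe() -> bytes:
    """Constructed stand-in (not the report's file): PE32 skeleton with the UPX
    layout, UPX0 reserved, UPX1 holding packed bytes, .rsrc. Sizes are assumed."""
    opt_size, nsect, raw1, raw2 = 0xE0, 3, 0x200, 0x600
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, nsect, 0, 0, 0, opt_size, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)       # PE32 magic only
    packed = bytes(range(256)) * 4      # every byte value equally often -> 8.0 bits
    rsrc = b"\0" * 0x200                # all zeros -> 0.0 bits

    def hdr(name, vsize, vaddr, rsize, rptr, flags):
        return struct.pack(SECTION_FMT, name.ljust(8, b"\0"), vsize, vaddr, rsize, rptr, 0, 0, 0, 0, flags)

    secs = (hdr(b"UPX0", 0x4000, 0x1000, 0, 0, 0xE0000080)
            + hdr(b"UPX1", 0x1000, 0x5000, len(packed), raw1, 0xE0000040)
            + hdr(b".rsrc", 0x1000, 0x6000, len(rsrc), raw2, 0xC0000040))
    image = dos + b"PE\0\0" + coff + opt + secs                     # 0x1B0 bytes
    image += b"\0" * (raw1 - len(image) - 4) + b"UPX!" + packed     # UPX1 at 0x200
    image += b"\0" * (raw2 - len(image)) + rsrc                     # .rsrc at 0x600
    return image


if __name__ == "__main__":
    sample = build_constructed_upx_pe()
    for hit in upx_indicators(sample):
        print("UPX indicator:", hit)
    print("matches report digests:", matches_report(sample))
```

To run it against the real sample, replace build_constructed_upx_pe() with open(path, "rb").read(); matches_report should then return True before any of the packing indicators are trusted, since a hash mismatch means a different file is being analysed than the one the report describes.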

Processes

  • C:\Users\Admin\AppData\Local\Temp\284aefd07e87dfb016d71d9cb494fa96.exe (PID 2776)
    "C:\Users\Admin\AppData\Local\Temp\284aefd07e87dfb016d71d9cb494fa96.exe"
    Signatures: Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files\Internet Explorer\iexplore.exe (PID 2436, child of 2776)
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=43
      Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2304, listed at top level)
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
    Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

The SCODEF:2436 argument marks PID 2304 as a tab (content) process belonging to the iexplore.exe frame process 2436, so it is part of the same browser session even though the report does not nest it under 2436. The sample itself (PID 2776) spawns no other child processes, and nothing is written to disk in this run beyond the CryptoAPI cache entries listed under Downloads: its observable behaviour is to open the ad URL in Internet Explorer.
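The tree above is the pattern to hunt for in endpoint telemetry: a binary in a user temp directory starting Internet Explorer with a URL on its command line, plus tab processes that attach to the frame through SCODEF rather than through a parent PID. The script below is an added example for this page, not Triage's code or a rule shipped by any vendor. It rebuilds a process tree from process-creation events, treats an IE tab's SCODEF value as its effective parent, and reports every iexplore.exe launched straight to a URL by something other than the user's shell. The events are constructed to mirror this report (PIDs 2776, 2436 and 2304 plus one benign launch); the Sysmon-style field names, the parent PID 1234 for explorer.exe and the allow-list EXPECTED_PARENTS are assumptions to tune for a real estate.

```python
"""Added detection example: flag a non-shell parent launching Internet Explorer
directly to a URL, and tie IE tab processes to their frame via SCODEF:<pid>."""
import re
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)")
# Parents from which a URL launch is an expected user action (assumption; tune per estate).
EXPECTED_PARENTS = {"explorer.exe", "iexplore.exe"}

SAMPLE = r"C:\Users\Admin\AppData\Local\Temp\284aefd07e87dfb016d71d9cb494fa96.exe"
IE64 = r"C:\Program Files\Internet Explorer\iexplore.exe"
IE32 = r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"

# Constructed process-creation events mirroring the report's tree (PIDs from the
# report; explorer.exe's PID 1234, its parent 600 and the benign launch are made up).
EVENTS = [
    {"ProcessId": 1234, "ParentProcessId": 600, "Image": r"C:\Windows\explorer.exe",
     "CommandLine": "explorer.exe"},
    {"ProcessId": 2776, "ParentProcessId": 1234, "Image": SAMPLE, "CommandLine": f'"{SAMPLE}"'},
    {"ProcessId": 2436, "ParentProcessId": 2776, "Image": IE64,
     "CommandLine": f'"{IE64}" http://ads.eorezo.com/cgi-bin/advert/getads?did=43'},
    {"ProcessId": 2304, "ParentProcessId": 1234, "Image": IE32,
     "CommandLine": f'"{IE32}" SCODEF:2436 CREDAT:275457 /prefetch:2'},
    # Benign: the user opens a link from the desktop, so explorer.exe is the parent.
    {"ProcessId": 3100, "ParentProcessId": 1234, "Image": IE64,
     "CommandLine": f'"{IE64}" https://example.com/'},
]


def basename(path: str) -> str:
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def extract_url(cmdline: str):
    """First http(s) URL on the command line, or None."""
    m = URL_RE.search(cmdline)
    return m.group(0) if m else None


def ie_frame_pid(cmdline: str):
    """IE tab processes carry SCODEF:<frame pid>; return it, else None."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def build_tree(events) -> dict:
    """pid -> event with an EffectiveParent: the SCODEF frame for IE tabs
    (so a tab is attributed to its browser session), else ParentProcessId."""
    by_pid = {e["ProcessId"]: dict(e) for e in events}
    for e in by_pid.values():
        frame = ie_frame_pid(e["CommandLine"]) if basename(e["Image"]) == "iexplore.exe" else None
        e["EffectiveParent"] = frame if frame in by_pid else e.get("ParentProcessId")
    return by_pid


def ancestry(by_pid: dict, pid: int) -> list:
    """Chain of PIDs from pid up to the oldest ancestor present in the events."""
    chain, seen = [], set()
    while pid in by_pid and pid not in seen:
        seen.add(pid)
        chain.append(pid)
        pid = by_pid[pid]["EffectiveParent"]
    return chain


def find_url_launches(events) -> list:
    """Each iexplore.exe started with a URL by a parent outside EXPECTED_PARENTS."""
    by_pid = build_tree(events)
    findings = []
    for e in by_pid.values():
        if basename(e["Image"]) != "iexplore.exe":
            continue
        url = extract_url(e["CommandLine"])
        parent = by_pid.get(e["EffectiveParent"])
        if url is None or parent is None or basename(parent["Image"]) in EXPECTED_PARENTS:
            continue
        findings.append({"launcher_pid": parent["ProcessId"], "launcher_image": parent["Image"],
                         "browser_pid": e["ProcessId"], "url": url,
                         "host": urlparse(url).hostname, "chain": ancestry(by_pid, e["ProcessId"])})
    return findings


if __name__ == "__main__":
    for f in find_url_launches(EVENTS):
        print(f"PID {f['launcher_pid']} ({f['launcher_image']}) opened {f['host']} "
              f"in IE PID {f['browser_pid']}; chain {f['chain']}")
```

On the constructed events only PID 2436 is reported, attributed to the sample at PID 2776 with the host ads.eorezo.com; the tab process 2304 is folded into that session through SCODEF and the explorer.exe-launched browser is ignored. In production the allow-list needs care: a rule keyed on "parent is not explorer.exe" will also catch mail clients and chat tools opening links, so the launcher's path (a user temp directory here) and the destination host carry most of the signal.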

Network

MITRE ATT&CK Enterprise v15


Downloads

The six file entries below share one path under CryptnetUrlCache\MetaData. That directory is where Windows CryptoAPI (crypt32) caches metadata for certificate chain, CRL and CTL fetches, so these are side effects of Internet Explorer starting up and talking to the network, not files dropped by the sample. The same 344-byte metadata file was captured six times as it was rewritten during the run, which is why one path carries six different hash sets.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 34bbd879cba9a905aa3216a2d3f5c63d
    SHA1: 6e008834bb5dfd94cff750600f6f675594f7adc8
    SHA256: 34dd86447da4faeb2a985ec4c705438740bf0551af0b4dc8ba0b88e00ff9d2d3
    SHA512: c343b0c0cee4bcc08b14358dedd96de891eafcc0085c9355ab6d5aca474fa50f53e5db029004c78cb2464e1518bb9649682df6b4b4d45d51c7371001fe4ab030

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: bd77095b52213572d0152232c8968252
    SHA1: c979dba1929340ade58fc54ee30aca8d63bbd0d1
    SHA256: 93e15ede3fefacb4589eb868e9680ebac87dd7863b1e069b44f028df62773710
    SHA512: dec8b8025e1966c6448c6619b6d664db64a1e6deb5073f9370a17c3bf01452c7b3be52bea67353edf8ff290b999684bea5aa7436d77be4a71d2abb56cf6fa395

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 235ab53282fbd6713f21385085c20067
    SHA1: 1b0c55865aa9f3f6f653fc09d7e186a11d100083
    SHA256: bdb3bea1dea3b4ef81972f8cd688434cc9038c6405a3521a5da6100b5882a7e5
    SHA512: c2b3bce0ff71dac10814f6315d25b03b9a8c8cbf874c5e9b04a2d550eecbb4d5b07b870f73211c4e6b62b5a7bc4f01c1f6b3c27b3f0813bbfd7ef829cebd44de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4af393acc8d649fc3177ada04898b55e
    SHA1: c7d229ec123a8e14073a107d450cce4487d2a8d4
    SHA256: 750ed6000f5bf862495348159f34f914ca62a042652573050b07d494236e5488
    SHA512: 5caa6d3b9e5abde8d1a3a176f6ffcf010244956ae9386d32af1250c6bf80acd6551d47835e8bffc4dd9902f5ec92e0034e58e9a80845af20f21261f88fdd0357

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 5d64a71f1cc1cde15fb8e3eb32a46f92
    SHA1: a92045fb43b3eda43fa67c0440e2cc80f755b1d1
    SHA256: af7e55b3dbc2908145975bff3ffc63b68f2987701ef8b1550a8bbc7459bb6726
    SHA512: cf18f449585d7312df7530d05e9fefc6b8215edcb84a75381ccf17e7c1054ac0f4dd519e6f22d61315f136fae490fb54e24f031c052d8f8739a35e14192f1dbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 3b2b2944b2f06f3693d8378ce62ab7a8
    SHA1: 726c9a6090651d984fd47497cb5f2b1a24747ff9
    SHA256: 642e3e7ee449e7bff5fdfdf1f18e3343dd1f487db68b5186c103ec79899d7838
    SHA512: 983f8074fc440a937f4c03fe7cc067ccaa81a58c54c29359991c468616ac8ff30adb7649f53e018fcadecad686555869f9b53885d97f8580c550dcdc42b5f5e7

  • memory/2776-0-0x0000000000400000-0x0000000000408000-memory.dmp
    Filesize: 32KB
  • memory/2776-1-0x0000000000400000-0x0000000000408000-memory.dmp
    Filesize: 32KB

Both dumps cover the sample's mapped image in PID 2776 (0x400000-0x408000, 32KB). The file on disk is only 13KB, so the mapped image is larger than the packed file, as expected for UPX; the later of the two dumps is the better candidate for the unpacked code once the UPX stub has finished decompressing.