Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    117s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/12/2023, 13:19 UTC

General

  • Target

    37b59454b3ddc9333836ce13bd75adca.html

  • Size

    6KB

  • MD5

    37b59454b3ddc9333836ce13bd75adca

  • SHA1

    69a1c9946b3a9252fbb58d1445779cf149ca14b0

  • SHA256

    e20a97b0dca2f8d69a5f39e24468f65b5881f466ae4953011722d5045320eb81

  • SHA512

    b99c4304f74e73b45363dc6a1ec85418a99f53801f20c62c2e73d842a0d7c586e036e7510c19735540ef3c361e2be35cd9af2f64606ee487033f5a5460bd400b

  • SSDEEP

    96:uzVs+ux7TWLLY1k9o84d12ef7CSTUHZcEZ7ru7f:csz7TWAYS/mb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe  (PID 2224, frame process)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\37b59454b3ddc9333836ce13bd75adca.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  (PID 1372, child of 2224)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
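
The four signatures above are generic Windows API heuristics that Internet Explorer triggers during its own startup, which is consistent with the 1/10 score. What an analyst can still verify from this tree is the frame/tab pairing: an IE tab process carries the PID of its frame process in the SCODEF: switch, so that value should equal the tab's parent PID (2224 here). The Python below is an added example and not tria.ge's code or output; PROCESSES is constructed from the two command lines in this report, and the ppid values follow the tree's indentation and are an assumption of the example.

```python
"""Pair Internet Explorer tab processes with their frame process.

Added example, not tria.ge code. PROCESSES is constructed from the two
command lines in this report's process tree; the ppid values follow the
tree's indentation and are an assumption of this example.
"""
from __future__ import annotations

import re

PROCESSES = [
    {"pid": 2224, "ppid": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\37b59454b3ddc9333836ce13bd75adca.html'},
    {"pid": 1372, "ppid": 2224,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
            r'SCODEF:2224 CREDAT:275457 /prefetch:2'},
]


def split_cmdline(cmd: str) -> list[str]:
    """Split a Windows command line; quoted tokens stay whole, quotes are dropped."""
    return [tok.strip('"') for tok in re.findall(r'"[^"]*"|\S+', cmd)]


def is_iexplore(cmd: str) -> bool:
    """True when the image is iexplore.exe (either Program Files path)."""
    return split_cmdline(cmd)[0].lower().endswith("\\iexplore.exe")


def scodef_pid(cmd: str) -> int | None:
    """PID carried in the SCODEF: switch of a tab process; None for a frame process."""
    m = re.search(r"\bSCODEF:(\d+)\b", cmd)
    return int(m.group(1)) if m else None


def frame_documents(cmd: str) -> list[str]:
    """Non-switch arguments of a frame process, i.e. the documents or URLs it opened."""
    return [a for a in split_cmdline(cmd)[1:] if not a.startswith(("/", "-"))]


def check_tab_processes(processes: list[dict]) -> list[dict]:
    """For each IE tab process, check SCODEF names an IE frame process and equals its parent PID."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        if not is_iexplore(p["cmd"]):
            continue
        frame = scodef_pid(p["cmd"])
        if frame is None:          # this is a frame process, nothing to pair
            continue
        frame_proc = by_pid.get(frame)
        findings.append({
            "pid": p["pid"],
            "frame_pid": frame,
            "ppid": p["ppid"],
            # the SCODEF target must exist, be iexplore.exe and itself carry no SCODEF
            "frame_is_iexplore": frame_proc is not None
                                 and is_iexplore(frame_proc["cmd"])
                                 and scodef_pid(frame_proc["cmd"]) is None,
            # a tab spawned by a different parent than the frame it claims is worth a look
            "parent_matches": p["ppid"] == frame,
        })
    return findings


if __name__ == "__main__":
    for proc in PROCESSES:
        if is_iexplore(proc["cmd"]) and scodef_pid(proc["cmd"]) is None:
            print(f"frame {proc['pid']} opened {frame_documents(proc['cmd'])}")
    for finding in check_tab_processes(PROCESSES):
        print(finding)
```

The same check runs unchanged over any process list that records pid, ppid and command line, for instance the process-creation events of an EDR export; a tab whose parent is not the frame named in SCODEF, or whose SCODEF points at a non-IE process, is the case that deserves attention.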

Network

  • DNS  counters.gigya.com  (IEXPLORE.EXE → 8.8.8.8:53)
    Request:  counters.gigya.com IN A
    Response: (no records)
  • DNS  analytics.hosting24.com  (IEXPLORE.EXE → 8.8.8.8:53)
    Request:  analytics.hosting24.com IN A
    Response: (no records)
  • DNS  fc01.deviantart.net  (IEXPLORE.EXE → 8.8.8.8:53)
    Request:  fc01.deviantart.net IN A
    Response: fc01.deviantart.net IN A 35.82.170.47
              fc01.deviantart.net IN A 52.40.105.29
              fc01.deviantart.net IN A 54.187.148.60
  • DNS  fc01.deviantart.net  (IEXPLORE.EXE → 8.8.8.8:53)
    Request:  fc01.deviantart.net IN A
  • DNS  fc01.deviantart.net  (IEXPLORE.EXE → 8.8.8.8:53)
    Request:  fc01.deviantart.net IN A
  • GET  http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg  (IEXPLORE.EXE → 35.82.170.47:80)
    Request:
      GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
      Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
      Accept-Language: en-US
      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
      Accept-Encoding: gzip, deflate
      Host: fc01.deviantart.net
      Connection: Keep-Alive
    Response:
      HTTP/1.1 301 Moved Permanently
      Date: Wed, 10 Jan 2024 17:06:54 GMT
      Content-Type: text/html
      Content-Length: 178
      Connection: keep-alive
      Server: nginx
      Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • DNS  orig01.deviantart.net  (IEXPLORE.EXE → 8.8.8.8:53)
    Request:  orig01.deviantart.net IN A
    Response: orig01.deviantart.net IN A 44.232.141.196
              orig01.deviantart.net IN A 35.164.248.218
              orig01.deviantart.net IN A 54.188.178.16
  • GET  http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg  (IEXPLORE.EXE → 44.232.141.196:80)
    Request:
      GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
      Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
      Accept-Language: en-US
      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
      Accept-Encoding: gzip, deflate
      Host: orig01.deviantart.net
      Connection: Keep-Alive
    Response:
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Jan 2024 17:06:55 GMT
      Content-Type: text/html; charset=UTF-8
      Content-Length: 0
      Connection: keep-alive
      Server: da-redirector/0.5.2
  Per-connection summary (remote address, host or URL, protocol, process; bytes and packets sent by the process, then received):

  • 35.82.170.47:80  http  IEXPLORE.EXE
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    sent 606 B in 6 packets, received 650 B in 5 packets
    HTTP request:  GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    HTTP response: 301
  • 35.82.170.47:80  fc01.deviantart.net  IEXPLORE.EXE
    sent 190 B in 4 packets, received 132 B in 3 packets
  • 44.232.141.196:80  http  IEXPLORE.EXE
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    sent 746 B in 9 packets, received 507 B in 8 packets
    HTTP request:  GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    HTTP response: 404
  • 44.232.141.196:80  orig01.deviantart.net  IEXPLORE.EXE
    sent 236 B in 5 packets, received 172 B in 4 packets
  • 204.79.197.200:443  ieonline.microsoft.com  tls  iexplore.exe
    sent 845 B in 11 packets, received 7.9kB in 12 packets
  • 204.79.197.200:443  ieonline.microsoft.com  tls  iexplore.exe
    sent 1.2kB in 12 packets, received 7.9kB in 13 packets
  • 204.79.197.200:443  ieonline.microsoft.com  tls  iexplore.exe
    sent 1.1kB in 11 packets, received 7.8kB in 11 packets
  • 8.8.8.8:53  counters.gigya.com  dns  IEXPLORE.EXE
    sent 64 B in 1 packet, received 129 B in 1 packet
    DNS request: counters.gigya.com
  • 8.8.8.8:53  analytics.hosting24.com  dns  IEXPLORE.EXE
    sent 69 B in 1 packet, received 124 B in 1 packet
    DNS request: analytics.hosting24.com
  • 8.8.8.8:53  fc01.deviantart.net  dns  IEXPLORE.EXE
    sent 195 B in 3 packets, received 113 B in 1 packet
    DNS requests: fc01.deviantart.net (3 times)
    DNS response: 35.82.170.47, 52.40.105.29, 54.187.148.60
  • 8.8.8.8:53  orig01.deviantart.net  dns  IEXPLORE.EXE
    sent 67 B in 1 packet, received 115 B in 1 packet
    DNS request: orig01.deviantart.net
    DNS response: 44.232.141.196, 35.164.248.218, 54.188.178.16
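
The network records above are what an analyst turns into indicators: the two image fetches form a redirect chain (301 with a Location header, then a 404 at the new host), two names returned no A records, and each HTTP connection should have gone to an address the DNS answers actually returned. The Python below is an added example, not tria.ge code or output. EVENTS is constructed from this section's DNS and HTTP records (header text copied from the page, abbreviated); the event dict layout is an assumption of the example.

```python
"""Indicators and redirect chain from sandbox network events.

Added example, not tria.ge code. EVENTS is constructed from the DNS and
HTTP records in this report's Network section; the dict layout is an
assumption of this example, the header text is copied from the page.
"""
from __future__ import annotations

from urllib.parse import urlparse

EVENTS = [
    {"type": "dns", "query": "counters.gigya.com", "answers": []},
    {"type": "dns", "query": "analytics.hosting24.com", "answers": []},
    {"type": "dns", "query": "fc01.deviantart.net",
     "answers": ["35.82.170.47", "52.40.105.29", "54.187.148.60"]},
    {"type": "http", "remote": "35.82.170.47:80",
     "request": "GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1\r\n"
                "Host: fc01.deviantart.net\r\n"
                "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko\r\n",
     "response": "HTTP/1.1 301 Moved Permanently\r\n"
                 "Content-Type: text/html\r\n"
                 "Content-Length: 178\r\n"
                 "Server: nginx\r\n"
                 "Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg\r\n"},
    {"type": "dns", "query": "orig01.deviantart.net",
     "answers": ["44.232.141.196", "35.164.248.218", "54.188.178.16"]},
    {"type": "http", "remote": "44.232.141.196:80",
     "request": "GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1\r\n"
                "Host: orig01.deviantart.net\r\n",
     "response": "HTTP/1.1 404 Not Found\r\n"
                 "Content-Type: text/html; charset=UTF-8\r\n"
                 "Content-Length: 0\r\n"
                 "Server: da-redirector/0.5.2\r\n"},
]


def header(raw: str, name: str) -> str | None:
    """Value of the first header called `name` (case-insensitive); the start line is skipped."""
    for line in raw.split("\r\n")[1:]:
        key, sep, value = line.partition(":")
        if sep and key.strip().lower() == name.lower():
            return value.strip()
    return None


def request_url(ev: dict) -> str:
    """Rebuild the absolute URL from the request line and Host header (plain HTTP, port 80)."""
    _method, path, _version = ev["request"].split("\r\n", 1)[0].split(" ", 2)
    return f"http://{header(ev['request'], 'Host')}{path}"


def status_code(ev: dict) -> int:
    return int(ev["response"].split(" ", 2)[1])


def redirect_chain(events: list[dict], start_url: str, limit: int = 10) -> list[tuple[str, int]]:
    """Follow Location headers across captured requests; stops at a non-3xx, an
    unrequested hop, a loop, or `limit` hops. Returns [(url, status), ...]."""
    by_url = {request_url(e): e for e in events if e["type"] == "http"}
    chain, url = [], start_url
    while url in by_url and len(chain) < limit:
        ev = by_url[url]
        code = status_code(ev)
        chain.append((url, code))
        nxt = header(ev["response"], "Location")
        if not (300 <= code < 400 and nxt) or any(u == nxt for u, _ in chain):
            break
        url = nxt
    return chain


def extract_iocs(events: list[dict]) -> dict[str, list[str]]:
    """Domains, IPs and URLs seen, plus names that were queried but got no A records."""
    domains, ips, urls, unresolved = set(), set(), set(), set()
    for e in events:
        if e["type"] == "dns":
            domains.add(e["query"])
            ips.update(e["answers"])
            if not e["answers"]:
                unresolved.add(e["query"])
        else:
            u = request_url(e)
            urls.add(u)
            domains.add(urlparse(u).hostname)
            ips.add(e["remote"].rsplit(":", 1)[0])
            loc = header(e["response"], "Location")
            if loc:                      # the redirect target is an indicator too
                urls.add(loc)
                domains.add(urlparse(loc).hostname)
    return {k: sorted(v) for k, v in
            {"domains": domains, "ips": ips, "urls": urls, "unresolved": unresolved}.items()}


def dns_consistency(events: list[dict]) -> list[tuple[str, str, bool]]:
    """For each HTTP connection: (host, remote ip, ip was among the A records answered for host)."""
    answers: dict[str, set[str]] = {}
    for e in events:
        if e["type"] == "dns":
            answers.setdefault(e["query"], set()).update(e["answers"])
    return [(header(e["request"], "Host"), e["remote"].rsplit(":", 1)[0],
             e["remote"].rsplit(":", 1)[0] in answers.get(header(e["request"], "Host"), set()))
            for e in events if e["type"] == "http"]


if __name__ == "__main__":
    print(redirect_chain(EVENTS, request_url(EVENTS[3])))
    print(extract_iocs(EVENTS))
    print(dns_consistency(EVENTS))
```

A connection whose remote address never appeared in a DNS answer (hard-coded IP, or a name resolved outside the capture) would show up as False in dns_consistency; here both fetches went to the first A record returned, and the chain ends at the 404, so no content was retrieved from either host.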

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    780de2339575a4ec616f3f903f92e9b8

    SHA1

    5b5c59ac54c83161eff4246a577e2a7d187dc2a4

    SHA256

    9526023716fbdd77a2c7531027cea1304fcc45bf55bc29fe77953102d9342af8

    SHA512

    546afd73e033c33eb837b8586949bb5ef8510051717d59b2c57c7d1b5583b9ef8c1b3ae6e3d5b8bf8d35978f545054803b606496f096925ff948b2f551e89266

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    802a85590b5fdfa332229b73788be081

    SHA1

    3995df1978a6ab992587c3aaa7a71db39ae5b22a

    SHA256

    51b67819efb307d4ec9839998b954e6f7f31715baf7dae6ce3ab99a7bcd8ed23

    SHA512

    16ef6ffac4cdeab207d3883804cbb414e4b082b8cbd1332d11e3b7f84e767eddb83bc06844fdd63c9486d8a8513572bbfe3aaf70f4f80661aaa2c528b15b94e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2835813e7b06952764fe24e8ed4fd9cc

    SHA1

    c93271b45df5c9d356531ae7d61915d087e74c0e

    SHA256

    be68cff22227c1e0f5e2798baba616780a1b58f5ef242bf63af25a0d80318edc

    SHA512

    8b488c8bb89d8330cd83aa213b4ab303b45b24b98b464c8e6744eaadc0d540b5829933742bda4a37f7cfd13bc9677066d76bff6f70085fa0288a14e855bb47b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a3baaaa6b2e4067b1902da432b2b699

    SHA1

    41a165d6447febb190ec7d93c1a3881004517455

    SHA256

    8bfffaa3ad601267fa3d2cb9506e4f66e2dfda11572ae25f6c2bcea9644793a3

    SHA512

    3a7e90eef60c373b7eac1f15a7b70e8d713c349fca13e76aabed01d7c6de77da2092626b8434b97fa9eadd4aecb6806ef757ff61ae602e4f7cf421cf56ca9cfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8c264f41d4431c49cef611cbf9eb8431

    SHA1

    08f9970b47a2692bab9d71efc7551110d7449892

    SHA256

    e12e88908ea7f2ef5e15f364a9f7158bc6bb692a35186aa5dfbc70df574b089f

    SHA512

    cf05226c672d6ef97c00c0f8574b7a8b94326116a4c8aa696ef9095b0f86ae7da277e53d1d08a67d9d09ea3251e03fbaaa864f731399901e4f32e9ecdef02505

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5c4df7645f9e619ccdbb2dbb2a676f65

    SHA1

    4de3f4cb9dc1084f933d48ddaa1c49b3da25d114

    SHA256

    507473fa06136e73d07bc094a13d243e0dd9bc6cd22ac7766467d4717ce29e5e

    SHA512

    0c1888773817502bd6d8a445869b72d5648cbb10f75ed2563089a57be81267683c9497a516f2f441c8e77bd2311be01c6820349c58da3a61c1056dd11e5a33bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9934232c035987d2727e98ef78a32f1

    SHA1

    aa9a5e6e8c62139deb13afdb465b24b833ed7702

    SHA256

    0b48638e337c9485bae55e0d8564f6fef36e2af7720ca3bdf49a76643bbd1a84

    SHA512

    2bd652aa47e61ab941984252470cc7c282540963475b292ded2d6c5b99b2862738040079f6832dc5399138549587c994e4287c5606c6726945a6b9abac91d732

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b87f6dd152ea0a327892f6c69a29b6cc

    SHA1

    9e48653efe5f61838e5de206dae82f9e0d4a4713

    SHA256

    ab29891add5c1476bb20c207ddc6ba8de733b52efa7da0109299ba37b2a15e20

    SHA512

    0a874dbb47c6168fcdf095ef960fd13f515124ea3d590ef2901e823ab07ab9a605a56c3d815485ce80be0e83b98afd3895c0e25416063f270fc87c3209aeafdc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3edc5a7227eede3a5996f12c88cd541b

    SHA1

    0bf7fa8ed6297692edd9969631d19d0f83ecc727

    SHA256

    7ddb4bfb1750a310619b98b342ce2a5600b1c8a0583707e3b9fea129d7ecbbb2

    SHA512

    e077790192332c79b60706b7b06422b3b9e2f56c5a920bc5592db5f2715acc1ef00a1e1d3189982354e4800f621033142a6bcd7e5b9e0b597ae61fd94c407f86

  • C:\Users\Admin\AppData\Local\Temp\CabCDDD.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarCEAB.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
