Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    151s
  • max time network
    161s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/01/2024, 04:07

General

  • Target

    3fdaf024288f25593eb0e20094f4633e.html

  • Size

    7KB

  • MD5

    3fdaf024288f25593eb0e20094f4633e

  • SHA1

    17f04f7c7ab5173b77155ef110effdac2c395ace

  • SHA256

    7551a10757221d33beea47032dedb321d14270695d3227a1bce8afd89aad54d7

  • SHA512

    536b7d062ef5cd949594725676f9b00ea4a83207850d9b1897d4d022a128e1f5cf0006f2f77fe0934c0d912f86ea7491debc3c9c675761aa06e7f53d429f4179

  • SSDEEP

    192:PuJP8wZpEV4UlvbMYW3CufjUuQxe4gvAp0CYrZzYrT:PuHZpw4Ulv4YW3CAjUvxe4sAp0FrZz0T

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3fdaf024288f25593eb0e20094f4633e.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2df9b4b9a3209d5c3fe8ab17b85cc530

    SHA1

    d3d0599b99a9e55526cd8a8563f40a1fd9ed9bb6

    SHA256

    8a2a75a2302216b52680e74a71ade1a79bb5c20319e0e0d39c747c95c3ea0e8d

    SHA512

    cbb9514465b3befa23682cb987d7d678c3e0fabf911e9a67b174dbfd3ead5d9bc9013ae3d090e7dc9bbad57036cadc4bef967ea4853a068f431870624379b177

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6431b371eebbd6d697a1cdc0708cc9ea

    SHA1

    c85281c691c371ac453843103ba17aad791d93c8

    SHA256

    5388bd5eb3740e8f39b2f6ff3ed836f93ca5df0893dd441ef58a7ab96d60abaf

    SHA512

    3a712e1a55aec04f09af480f05b66b6f711e6fa8e36970c2e59b6ecddb5c1123e87a9b8c8e9fe689480c4863c90427c6ec5bcd56f8e538caaf110373f839ee54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    76360b0b7e5382c0364e59234f09044f

    SHA1

    5cc113d6526b06b126e07a4654e3610cbf72c276

    SHA256

    e5284192c98ebda03f21beb375b6c087031dc734da8b37ec96a2d2ee15123366

    SHA512

    1e1c45d2a4873a995757cfd74878304b58638cbd6bf45a69cd9c5a6cb6ae7ad72886f9e1a8e92ffcd59755c929996305fba33932ee70ba69b9eed5e1f9c4253c

  • C:\Users\Admin\AppData\Local\Temp\Cab6E7F.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar6E80.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06