Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    0s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 07:17

General

  • Target

    4316141b10535398244bdb69df7c8065.html

  • Size

    104KB

  • MD5

    4316141b10535398244bdb69df7c8065

  • SHA1

    6e99702f2cf7592a04a57a14480baadb76252404

  • SHA256

    a2f79f2b124613f07243d3898dbc33c4f4802729167cc268a957bdcf869d4c3c

  • SHA512

    2c5d6f637b6ec26b957f63f4ad3381c9b04354e30952e4c197d78a6f27f6ba88dcf85af87783fafdcae535bcb3fc1056d139c74e80366b55f8d9bea397c162d7

  • SSDEEP

    3072:SOxIi38IP9kSsgo/ZvxYrtPTKCNtHyUtCuM6D:SOx93jVkS8/5xyP2UtHyUtCuX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4316141b10535398244bdb69df7c8065.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2884 CREDAT:17410 /prefetch:2
      2⤵
        PID:1660

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157

      Filesize

      4KB

      MD5

      5d8c6ebecb2534dd7c1b0b5192e09238

      SHA1

      45d3369058b0490165e327f09114e5e9e8e113fc

      SHA256

      0b02530d23beafdda298d2936925996ee9f8cfa4a364b9989aa396c47a6b3298

      SHA512

      74af700df84b99f70f5db62c2dadfa5126422b307c445b42d1aa0a207924a86099c6aa1c33c212b01746e4802bfaaef9453beb620b1e1b621325140d27ebba6c

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verD513.tmp

      Filesize

      15KB

      MD5

      1a545d0052b581fbb2ab4c52133846bc

      SHA1

      62f3266a9b9925cd6d98658b92adec673cbe3dd3

      SHA256

      557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

      SHA512

      bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d