Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

54598ebbf4...41.exe

windows7-x64

1

54598ebbf4...41.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 14:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    54598ebbf4f18f8254f969891c9c5af4602af2e0ba4c8de2a904255fde115441.exe

  • Size

    2.8MB

  • MD5

    6f5df8b7133c79d1bf6de6858044b817

  • SHA1

    5190efdac7553202f123e90b361829d47fa66261

  • SHA256

    54598ebbf4f18f8254f969891c9c5af4602af2e0ba4c8de2a904255fde115441

  • SHA512

    6a2986b92be74a063e9317bb776be848a1e1c40fb439fd86f77471a760cd5603067f8a9948d6a32ba1abaf5677cedf1a8baa0dfe21af667c31577a63afdb6123

  • SSDEEP

    49152:t/3l+VWPU2dAtFGaj3Caxl6g49lWz5FpEHcfjSsAZ2GpjFe7aDIzFNmi:t/AQpd/Slj4lWz12cfjHGVbk6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\54598ebbf4f18f8254f969891c9c5af4602af2e0ba4c8de2a904255fde115441.exe
    "C:\Users\Admin\AppData\Local\Temp\54598ebbf4f18f8254f969891c9c5af4602af2e0ba4c8de2a904255fde115441.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.ni.com/rteFinder?dest=lvrte&version=22.3&platform=Win7_32&lang=en
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2432
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8507699b275e35777b1f86d673c530d

    SHA1

    841933b1aa031e9049f309d04b5df2032c683eb3

    SHA256

    6d42abe664ed13dac291b7fbb6fec1fcef00682ea83847fcc3cd2e0c472a9637

    SHA512

    ba2a6bd916a04b46844ab956e947646399ed53fb71749b6c307f83b882f1482330b998d0da856c3c867d128c9ee7201c22f32dd39c9f39858afb009bedf148ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    544293643e96d9805ac018155b9fe4f5

    SHA1

    dc3d9ac74e9759452f8aa984c525f0067c8cd02b

    SHA256

    ad135687eabfdba25236025530442d0cde8e54eeda6a07e1ceebf39ceeef61b0

    SHA512

    c55a8601818e4779e2e82bbbf94582eb587e716e5a85f5704fa6cff52908dcdebd8139e4ec112b46feed97093bcd9e4c216f004214b0182bb8d16858e970fa34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    023b9ffccef28517a0b7a4f6f9b1236c

    SHA1

    2f4b5c26eec2bb6f697b2e1c8955512dc9d34c42

    SHA256

    51c12a515f076455032050c84ba391eaa1e72d2e4fb74883a1c1892c5e00c445

    SHA512

    b8a0a1b6222853542991b2119982e3ac2e69b905afb021745ae24f814ec0aa5a2119cc6457c07df26b46b2007407295caf8c19c9c51ae83d5f96185c4296d7cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6171ba7a7dc6e7b0258e078276d50f8d

    SHA1

    af3583d5409059d95c079c6aa14c95100d31806d

    SHA256

    a37b0b88e16938c806b3a389cee4d1a1c66d3d4a1ec0a47eb696c244866c2a36

    SHA512

    59c71b3392aafdf966f6bc024328c81346b2fd857ac0a02a96e40bc2c01f837ea4a81f9d9ae590ec79dcb61a26b9982f2a18482538df80ee59123108a993734f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ae98a9c52c02f57befdf12dafae66ae

    SHA1

    3c6a62a08997841a3065adc78f13ab122298c2ba

    SHA256

    5c8f1334e2838989dc78846c89b6ea32e671467c0caa78fe0fb78eca776da082

    SHA512

    8a8b8fbbf9b58050af5ed9918118389d29720c0df39f546d2ca96e37ef802a42681b60ec16b9e25b63efbc6d5667942934fd852d48ba5a19bef7318422cb25f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bb91823ca32d84ac568a7ab89feddf8

    SHA1

    eda27af247f97b4120c3cd090dc25a084efa63bb

    SHA256

    0de4253c1929f7fa28818e05cb6d0e35663e005467a2846625b159c806cdf2d1

    SHA512

    d955cd8a7070a3d3258b6a65f345ae2a81730a4d295c3f75ae8bc8601663e7e9aea71e59231c2f0db1c5c9108cf0a3550b3612392c2285ae2f026fedfd81d721

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc79887b01fe8c52a801c973ff9e68ad

    SHA1

    b01f5cfafa72c44357bb37628c6816979150b9c4

    SHA256

    1c05871b7be71ee22febb15dd6c680151a08466b83963d00215c06e4b7ec565c

    SHA512

    90453198bea4e86badd43edbc6f953bcad0067e519700cdc36481d3b172a0b43cd024b53f0d3291ffc926b41b9a3195f28ccc36f3b3ff95d7e0d09e8a113b946

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5252ff391d04996893fd9e2650124879

    SHA1

    c8986de476a8e4b7128bc6f95c2a4e02fb2148f4

    SHA256

    02a051e6222679f7df1f575647ecf67431e2206b6b48cc65caf393d1fb824978

    SHA512

    d253e7f022bb832161be04739c585c0be504cf1394575ed3f7f39d1e9f57f1395a58312d51e452e9cf925001e8cfb0cfec67d898c7923de59d40d381bd1e247b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b17cd55bf612031716fe976db3ad4778

    SHA1

    a65314d4b09d2268d16af468e8b05ad36573a32f

    SHA256

    ec91161c7de9889fe20b51c35e962e197c202245c0b0abe68c5d99ab0b99f53e

    SHA512

    8a97c0c38efb505e2e35a5480e715a676531abf522a03b087180e36512713b628efc7af6b90ea6b954c3da15002d859b74c31e3bb56e52c1abaf8fe1a283efb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dc510301730493b4c6727bdf5ffa6a4

    SHA1

    a49410cdaa1b5dc99156c214bec122560124d609

    SHA256

    0edd71f61a2352c9d1075f7f9d29d2a4982e50a606a290410b2c4d03f792efa9

    SHA512

    7d6c739cd2e0671c4ad964fd4f2223efd6cf7bb347e3e37af36c2c3893fd44bf9194eb8cc847918efece15b7a2e40f9e8fc81438fb39425597f2a33e42cdd832

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db41dd2425abf900cb6636c3d301749c

    SHA1

    ec78ec41b056cd5737327b87f3e5e7de07d7b834

    SHA256

    b71bae22b42882ea95adfb572bd72fda45420f9cd208feffef4a6f70137a3dfa

    SHA512

    6c7354b4be598c0ffd52b08e8f44d163ab73e1473b74b83c029d38a8d17eebe64d9e8c088868167b788867340975cf633e2b16895f39b40854377c24bebb897c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9efc4eb323ae7089579e2cb562418408

    SHA1

    11474f4847f4fba88e459be590d35c041b6583f4

    SHA256

    0b5a6107400fa1787961e043e8e79aba4af8acf9a2d7a24e0e0c0f63a2fd8116

    SHA512

    cdc238c7cd119f779a82c940e441dc6cd4881a0b944c7638ccf58f39fc1c23ad0a8b75b36f50636d82be655b503b3c2b510e191700c77ad8cefe5e0f44cde4b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18f8053d784f22a9d11c1d3426f16971

    SHA1

    36cb6168540a3ae05fe13836212ad5028d581297

    SHA256

    b08fa6e114e9d42e23e2c57ee63bc0ceb012f71d22c7d7d4a51a8d0b8999c83a

    SHA512

    291d55240e7e877fc0d880f4d1b045d20799dcd7dedf187a86dc12f676b9dfd85b775ad311ad3d6c61693af518d86baca1ba61b5308dfddf8f1f06d81064d8c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    055f2ee005bbf5018ddfe565e1389a10

    SHA1

    3dcd6958b93b3cfa62f3e81aeaf1c0d963dcea6b

    SHA256

    da2d65dfd15e435bcf5f88ea899b992f7b13457e72bff82f01d1c24bf9b7b95c

    SHA512

    545db5b3e7081cf85da395b5603f0930c747c1bbc028ceecf1ce26de71b66ede7f93476850b8b6204c6a4829cabe49d92430daadae20e3df22ca24e0d17b8fff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2ddac0b2d17f9197ecebd13f47ca337

    SHA1

    69661a5e85255e024f0789a8a412748aee3baa46

    SHA256

    541364358322c2e4c532e7d8c3cab49c57e993065b89bf50546fff0c9446e0d9

    SHA512

    8f5992cc51c21c344d2306724d3340f26215f443f619a6bce2ca535dcb1aabe4ced04a1d305895941e250bfcc5d1bdcd8ae91bb7a1e15a5a8c4c0155e95eae08

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab938B.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar93DC.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit