Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 49s
max time network: 149s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 11/01/2024, 22:23
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: https://options.shopapps.site/v2/john-doe-us.myshopify.com/generate_option/6768349708382?tmp=1667431004
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: https://options.shopapps.site/v2/john-doe-us.myshopify.com/generate_option/6768349708382?tmp=1667431004
Resource: win10v2004-20231222-en
General
Target: https://options.shopapps.site/v2/john-doe-us.myshopify.com/generate_option/6768349708382?tmp=1667431004
Malware Config
Signatures
Enumerates system info in registry (2 TTPs, 3 IoCs)
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe

Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid | Process
1080 | chrome.exe
1080 | chrome.exe

Suspicious use of AdjustPrivilegeToken (64 IoCs)
description | pid | Process
Token: SeShutdownPrivilege | 1080 | chrome.exe (64 identical entries)

Suspicious use of FindShellTrayWindow (34 IoCs)
pid | Process
1080 | chrome.exe (34 identical entries)

Suspicious use of SendNotifyMessage (32 IoCs)
pid | Process
1080 | chrome.exe (32 identical entries)

Suspicious use of WriteProcessMemory (64 IoCs)
description | pid | Process | procid_target
PID 1080 wrote to memory of 2064 | 1080 | chrome.exe | 28 (3 entries)
PID 1080 wrote to memory of 2860 | 1080 | chrome.exe | 30 (multiple identical entries)
PID 1080 wrote to memory of 2660 | 1080 | chrome.exe | 31 (3 entries)
PID 1080 wrote to memory of 2672 | 1080 | chrome.exe | 32 (multiple identical entries)
Processes

PID 1080: "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://options.shopapps.site/v2/john-doe-us.myshopify.com/generate_option/6768349708382?tmp=1667431004
  Signatures:
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  Child processes:
  PID 2064: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef71e9758,0x7fef71e9768,0x7fef71e9778
  PID 2860: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1140 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:2
  PID 2660: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:8
  PID 2672: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1588 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:8
  PID 2108: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2292 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:1
  PID 2016: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2300 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:1
  PID 1928: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1444 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:2
  PID 1004: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3508 --field-trial-handle=1204,i,10554783847656405341,14934158693458558355,131072 /prefetch:8

PID 2344: "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
Network
MITRE ATT&CK Enterprise v15
Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize: 344B
MD5: ab23cafe6762f6fdf3b5e9277c2c6376
SHA1: 43d88de2f853a38dca8a36de22e692adaf1d71e1
SHA256: 53027c2ebaa164876ec92280ad146a46c2ffd267def75318b25d719993545c46
SHA512: f895c3ff7b87386bb016b096981783fffb8ad7dc417ba95ea835d88d162a9d56f68b73d095194ecef19c1c1f0914b93275c8397176afaf5117ce7ce385e030ec

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize: 344B
MD5: 558b427d0b8ecdf6415bd3d1e95631a0
SHA1: ba20330c4ce4156cea52ab7276c9977e69d99dcd
SHA256: d7f68d4710f6c5ca50f91940d9ae381d39e2c964adf410674577f9f653925b3d
SHA512: 12f982552b4e5899107e498cff1db846e7b15cb0923776ff77192a03cd5c3b19ed27042ba47ca929e8fda7138284fa0c15b1efa023b3e98ccdbe12efa9deecd6

Filesize: 264KB
MD5: f50f89a0a91564d0b8a211f8921aa7de
SHA1: 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256: b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512: bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Filesize: 1KB
MD5: 3280ba722f4841caa1dd0abe7259dd5d
SHA1: 0d53d9d2aa8cb06a38b56ee29b1fdd9d4ba94939
SHA256: 803b48167914827b91724ec7b16243903c6dfc53cd722340f598405569224636
SHA512: be0d839abf8064e43b2788e9cc841b5f85dcea844776f7fbce17f4018dbab9e70314fd8d2973c7210c7f168a720aceb3499511cc624208207b5ac62d0c3944bd

Filesize: 4KB
MD5: c8d0b79e931fea41a3697e3d2a09389b
SHA1: 49988eb174d4fce2d6a39924f6afb29e5f7a7289
SHA256: 7ad405eb0b5a56b6802d677a10de6e5b5ae72684b1dc9608dd3dbf986ddda065
SHA512: e475905f0fefed41c5c75e01e81e0964a481767633693db3c54818eb0dc6c0d58113bd8fc8ed5e8496f5aeaca2375b99da16998939d601f5ab9502002ef08d74

Filesize: 4KB
MD5: 86611727f3170e037445c0b44f3c9716
SHA1: 749ec8b52ce5f845ae996abc454ce7076b6d1cfd
SHA256: 7aa57eeb59d285b9f0e8bb9b86a11d3cf410016d4c4f306089ff31466fc035be
SHA512: be2d3bc45de4b4ac02bc2f3a82cc334b459f5eaafac8c7090ab8801f78975925b5139aaab94a42a2894db6267822c17c4984d7ef552cd736fcb064a46a213710

Filesize: 16B
MD5: 18e723571b00fb1694a3bad6c78e4054
SHA1: afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256: 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512: 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Filesize: 65KB
MD5: ac05d27423a85adc1622c714f2cb6184
SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Filesize: 171KB
MD5: 9c0c641c06238516f27941aa1166d427
SHA1: 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256: 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512: 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06