Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

网愿科�...n1.asp

windows7-x64

3

网愿科�...n1.asp

windows10-2004-x64

3

网愿科�...or.htm

windows7-x64

1

网愿科�...or.htm

windows10-2004-x64

1

网愿科�...de.vbs

windows7-x64

1

网愿科�...de.vbs

windows10-2004-x64

1

网愿科�...ut.asp

windows7-x64

3

网愿科�...ut.asp

windows10-2004-x64

3

网愿科�...us.asp

windows7-x64

3

网愿科�...us.asp

windows10-2004-x64

3

网愿科�...S/1.js

windows7-x64

1

网愿科�...S/1.js

windows10-2004-x64

1

网愿科�...S/2.js

windows7-x64

1

网愿科�...S/2.js

windows10-2004-x64

1

网愿科�...123.js

windows7-x64

1

网愿科�...123.js

windows10-2004-x64

1

网愿科�...ad.vbs

windows7-x64

1

网愿科�...ad.vbs

windows10-2004-x64

1

网愿科�...ad.vbs

windows7-x64

1

网愿科�...ad.vbs

windows10-2004-x64

1

网愿科�...ni.vbs

windows7-x64

1

网愿科�...ni.vbs

windows10-2004-x64

1

网愿科�...ll.vbs

windows7-x64

1

网愿科�...ll.vbs

windows10-2004-x64

1

网愿科�...ta.asp

windows7-x64

3

网愿科�...ta.asp

windows10-2004-x64

3

网愿科�...te.vbs

windows7-x64

1

网愿科�...te.vbs

windows10-2004-x64

1

网愿科�...ob.vbs

windows7-x64

1

网愿科�...ob.vbs

windows10-2004-x64

1

网愿科�...or.htm

windows7-x64

1

网愿科�...or.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/01/2024, 01:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    网愿科技-人才网 v2.1 Build 1228/admin/Error.htm

  • Size

    3KB

  • MD5

    97a0517384971ce46d865223461772b2

  • SHA1

    8a9b9e5a128687efd5e77c31e479ab29b15104f2

  • SHA256

    23ec4afc793fc40a1954333473fca66d7b4fad984621bd1e04d10c9851d0ce3b

  • SHA512

    34b2d6443229159fff64e260bc3bfd7bb2f9c6559ce2c88b58d1e1bc10f2be0727f28c7f8f8d36015ade3b6afe7dbdbc0c4287517ca604eaf56addc6f1b998d2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\网愿科技-人才网 v2.1 Build 1228\admin\Error.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1960

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57c5b08e864d365f6f4d9ab079b03301

    SHA1

    b790640dfe956e6049b0fe1ff8d5f280cade05ee

    SHA256

    922d99d536caa9643621edbb84b32f26671c5b560cac73ef1968b275631b9b6f

    SHA512

    bae037dc195d74106b042832488ad3e15a6f041d02732b515af093ab29e65e213df0ad12402e3d77ee815507f5a6966051080b1e4992e11856b6c3d02cb58ab5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89676dd8226a5d1783638bedf0f17810

    SHA1

    b41b80b6c7947f2d631dfacb5b3cb0137e49c8d4

    SHA256

    24d1d34e71007deeb89797a9a146c8461bd22f8599773b52bf633ffdfee3a9fe

    SHA512

    25b39be740ba8ccba874bfbb5f78fef2f0f7e0b6db95fc9d40719abf013be3a90b77f594b0440a22afdb5e69be78d57b1b2560f2769cc6322b3282d8216e2e79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69809ab16569a77a13a45d3ea52a244b

    SHA1

    29f8ee8775aaacc67f6efda7938b12639c4c9a7f

    SHA256

    6d02f186896edb90bf7d3306c229ce569635479d5a2f466485dfb099f76d4b12

    SHA512

    4bbdc99f504231835259fbbd0afab7d72ab7f64aa11b6a1ff017213b4db312b3e1f6d016f84884da4f97f3da1f1a6f702017234dcf02bcedd70a6b355fc0e0ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93cadb2f2c8146eceb45f0b1af421a0b

    SHA1

    a1673d6b6993d24c9708942097a2210a366d9244

    SHA256

    7a998de8629220524577ef95489580b12961a962273a0e6de659ade87c46249d

    SHA512

    aadfa6facee6c54e7297e4cab63d433a3640b8c76f758c22a7fbe8c4e0fae4c69102c176be47173b8262cb5c4e08be6e63d82e75a9aca1d180b5fa7f37673f5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a81b6551e033561936a1792b09ef567c

    SHA1

    0fa7827bee1e7ee0932ae73c81abd2fdd8279ca7

    SHA256

    2c45dc46ee727182b6dd6efe58acfa03f09277b122bd3548f7d002790c2f82ae

    SHA512

    1f9a46d4ed41e31913382aa300cd260ecbcc3d6ea50484a17b3795202d7bca8f808c35d61ab564f54cd7ae4949a33234c9b39a135dc209cf893914eef446257c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f401064ad6482eda8f502dd151e583b7

    SHA1

    bd4c3296003e31d2ccfc50c0dae7dc120110a161

    SHA256

    8246851005af9a2e6a04d6bca3ec45a404726361b5f7b7079239ca9c96a8adf8

    SHA512

    9a8a758ecafa11cd1a4fe7069df38c69e7068ce2aef707ed81091e7248b1268c4a2531195ad37911f8276bfdc25f7010d9ea6a52c0eeb183d507e8979b86f442

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15b5e02dd7508f33b3211e4af0100197

    SHA1

    ef11887a8cbb0acb2bb183b5d006c3cd67e3a74d

    SHA256

    5671c1db5363ec40cd6865982313c1deeb4e7c439beff23cc1d963d322bd4edb

    SHA512

    0ff09ec5f9cde2e4ff6587ecb2e6b7fdcc1ddcf5a9e0db572ad4196ea106cedac20acd588c9b76452fe37a09fd5f1c60d1dcdcada04bdecbcca16e9f829c4bba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0ec4db5c3328f12bae4d660afe4fd6b

    SHA1

    4441e163a6c842217536e40364faf289d6515c14

    SHA256

    a8c77a0fa0205105e29d69454f167eed05d95d02291c75f8e1dcd1ad7093cd1a

    SHA512

    294a28bafc7933bbc47d0ab628f67718d783375ddac4e96aaf092a48c8e265e09d222cef9f465fecf41a2a40cde638550830a13b9f6268897b6a71947aff1467

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aca33be5b8c79e3f7b4a44135a70cf9c

    SHA1

    f8cb1e0273d841e9e2a9c138957e00829937cab2

    SHA256

    08f798245542ee7d1617c60453738aabbc9e5f69418ca78a23edc76ddc8c849a

    SHA512

    b899c9262e3e2189a490c5c1d70f50c5962d7baad9c3ecc470cfb17889aa3a3f01ded5d958b12015ffb22a6d473ebe0aed31375cbabe658b902aece61a96a8d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8961034872d129333e4211d354dc246f

    SHA1

    8769bf2e16563de5359b10fc8a275b671cb7f17b

    SHA256

    b5845037d8ca0bcc5ab6ae5f0585ae59868affaccc8460ed0ef944234e65bf1d

    SHA512

    ad901ff6836cc4bdd89465813b96fb43be5674112a2c89b0d550b355b031852c8dc55f864315c0d1be44aa045d70367bd775d57ae9c6f2521306e5cea811e31b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fd11c11cf62b771a1b503cb9f16c5cc

    SHA1

    b3c580f658ba0ffc9d4d8a94a347709f490c8e08

    SHA256

    43f59473c2b3a0d0324d24db8bd9fd9a9c28c2be48b99a58376fcd8340ecfaea

    SHA512

    2ee5f4868924cc6d0056230648a6f89e7c5951c6bf6373625d2ec26f294b905ace0f707e0f1613eb9e328bab919a4f95abdc5037b680ce84e90b3f5d42e2a106

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab78F8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar82CF.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit