Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

DeskSpaceT...up.exe

windows7-x64

7

DeskSpaceT...up.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

deskspace.exe

windows7-x64

1

deskspace.exe

windows10-2004-x64

7

deskspace1554.dll

windows7-x64

1

deskspace1554.dll

windows10-2004-x64

1

deskspace1554_x64.dll

windows7-x64

1

deskspace1554_x64.dll

windows10-2004-x64

1

deskspace_x64.exe

windows7-x64

1

deskspace_x64.exe

windows10-2004-x64

1

help/html/...e.html

windows7-x64

1

help/html/...e.html

windows10-2004-x64

1

help/html/...d.html

windows7-x64

1

help/html/...d.html

windows10-2004-x64

1

help/html/...e.html

windows7-x64

1

help/html/...e.html

windows10-2004-x64

1

help/index.html

windows7-x64

1

help/index.html

windows10-2004-x64

1

uninstaller.exe

windows7-x64

7

uninstaller.exe

windows10-2004-x64

7

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 08:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help/html/using_deskspace.html

  • Size

    13KB

  • MD5

    8d1a4be243bb4d1232b379cdf43b6898

  • SHA1

    cbbee0f656056cf247ab462441ab237fc48c1c4c

  • SHA256

    9728f11c8f4db27d87c4166d01b42b2fd41e1d79af7b969c214bd9c842feee85

  • SHA512

    866045709359c5dfab3861d95625ddb45f7c9a8e162a8012b9822e5380080075ba701e10ecfef78dc88a2bbcd28f043278a79ac66abf7c772a9df4bb4174577c

  • SSDEEP

    192:CDYmqZGsEixf7UehvHQnGvp9bcF1Qz4aRxPfEx:CD7qYsEiB7jh/QnG7cAz1P8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help\html\using_deskspace.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2324

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a23b397b9fab311b45db658e8191f1a0

    SHA1

    a4a8c1cfb5e5293a53a1993a7eaa8b0b69b4c4e4

    SHA256

    66a6a2935ee4ce95d93b73a6e7452f5d81c5d9987dd56ca512aa50f86d4eddce

    SHA512

    befe512d6c6a7dd0b7ad7f64dc18a6aaf6b5a53ca9f1e77e6bb3ee6b7bd90ecf501f57f0658882c7b6d80986e28e9082df0e2703ff7896fa3a775bf06e6343ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae30f63bf1e4c6656fc09af1fb695d77

    SHA1

    e2eb5e6efdf8cbf2a86ee60def513438ded34b92

    SHA256

    3cf5dec4a751de39d24541fb88c4f96d4385e45f707e28752d9146b7a2728abb

    SHA512

    5fd0c0dca3504cb47b8e318bcfc9b388084f5e8a562a4f5e38e0cb08a56978aa5fcb2810453458f9bad8f5b8a387a95d9555afc6d43c98e33a5887bd8c4cbb25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2dc5bcf4e28c8d5701a21f8815d075c9

    SHA1

    7ec846fcc5525a0c861d107d4ad10c4654b7d291

    SHA256

    9cba29782d91f7b8168b3d07ae6c5024e85423a249f00eeade2a43610bda66cb

    SHA512

    dcca728d8f0de1a813d8d818a3dbdf291679617714eec73fd90641d809b13b4927ab646585b1fd56b556705cd44098f044322b7fab0bd5608b78071c640f4245

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3f106dd7c4508b64870c50de61e6477

    SHA1

    86288498b4771c3169b10deaa3e5e859f0a39832

    SHA256

    e9be414fb1c10369ea8ccf0340fbda187d774624fb5d7f86f359d7fda2a73dc7

    SHA512

    d0f3c71a2857aae14ce127615fb26f3c305991df1ccfdff147ab6220be262679169594fdeec54548778df3c0b57607123f061736c1f3ee04ca3f0366a2e6eb7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fea60e3bc3642c9ce31ebb52900a5ac

    SHA1

    dc0b1c0832c9a216a37b11061c7fe4b2970d8ad4

    SHA256

    c2924a0910d5d97b5983887a9030179987a04045a7dbf0f1573cb64a0217a751

    SHA512

    eaee58668beee2fddd5800cbc27009f11b812960555fbbe8d1c32a3d2dd34a73c46b54e4287586cde0cdd7c761358b88cdce15a18bed38872d5130eb49c29a4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e163b54bd7858e4891dd625d3b46426

    SHA1

    10516865d2a4bb4d78bc20cf12905685fcaaf115

    SHA256

    3100213443e1d7a0fdea76ce0a2db30051c857a21834110831e2c1ea4d6da4fe

    SHA512

    1cd69d105743ff732f7ae21a66ed05fb07c01261753e872c35d0e1967f056c2e8457a20baae4e54420915b3544cb35b0c6cfd5b7ca45f3511c924cb6a1ba7dad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47d38592b28e39fba27c9e50fb08181a

    SHA1

    c2c327809d6648916d49b20ef68709e9b22b0edb

    SHA256

    67dc3303b3d8b82e001bd6a26f6d398e607c65b0caf4416fd57f06b1b7788231

    SHA512

    c6c4518e3afa18df48d0ed28b5e06e32a0500b6809a1fce868cc7ce071e3351c5a90787f99277b1d478aac772f86290b2650f04ebf8fa6ca0e5cf80e9e38c7d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f758745088d94423e395ec0a310d93bb

    SHA1

    11e49ef8557ede4a99140e586bb84e9abafd98d4

    SHA256

    5efc5145f26570af642bde94c8684082289c7599337026f42c546aa72b5fe89e

    SHA512

    f89a22af0fc9d3219ba81293970b9250feaae6e9f344c448dbbb2eae7d1d1dd30d79af5360e0c1fa2f39ba00f5cd5ce5c622dbd7f5fa90f508dc6f629b9c666c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5CA4.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5CD6.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit