Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

7595709559...e4.exe

windows7-x64

3

7595709559...e4.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...n.html

windows7-x64

1

$PLUGINSDI...n.html

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PROGRAMFI...gs.exe

windows7-x64

1

$PROGRAMFI...gs.exe

windows10-2004-x64

1

$PROGRAMFI...ar.dll

windows7-x64

1

$PROGRAMFI...ar.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/01/2024, 21:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/eula_en.html

  • Size

    13KB

  • MD5

    24fd32affacb72e80f6ac66bebb71418

  • SHA1

    96abf0b673a687caec3f4f843fd026926fea309d

  • SHA256

    4808bee19d70e5f8ea5e6f382c6388c0fb1ec536152fd893cd6c7f03899efd0d

  • SHA512

    e189bc5468a2f6acea35303bdbebc4a511f36521a2690c32f992b44ee0fd03bdc5329d2674cf5ba5e5e43593fbe237dd8151501eff15a3d5ec89e85eee0beba4

  • SSDEEP

    384:BJV25irDTyYG38rzWx7oWfiV8QM0iXiyHq:kMWsrzWxFfvQM1XxHq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\eula_en.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1488 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ef2cec40b0088791f7ab851d6dd49fe

    SHA1

    b876335b2cb37d95988d4dd81a4b7e8018b56b92

    SHA256

    5c30195e9547aea6c7358275f4b8c7c2c3094d84a6e3568b8acc255e090e9955

    SHA512

    e85f5495d640e8d708400eb99cc2a4b2d4808e7c3827418519192c6274d576cd45d01adc272876dee0bcc87e2fe58f04f6003c8043c18b9dac859f2f0c955b8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48abd57306613f106e3ee4e27fb4d04e

    SHA1

    d4815003f225c4ab51993b0811ec8fd5d8bbf177

    SHA256

    e47577de0f072788d72bae4ab1c92defc736632f0ce0e16ae1f5fc51e53ec135

    SHA512

    d4d188328a1f0570baa2b80bc86dffb8940e3c7d04ad58948f2ed6b14f1567db7a5410f7f148fe84e73bc996cf0e52655dbbac7caa2dd9799c2ed524bc689347

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96310e1fb3348518bbea84482dd8d322

    SHA1

    9a6decc8a2ec9470a127902cf11e69a6a162542d

    SHA256

    02ec04673c9b4141dbaf3fd89bcc1cd9600ec100808c5043cd7bc487b069ca72

    SHA512

    0800d25e19bea3259291f5249e99d16047f24b15793b0486915aaaa0ae0db8947c076833875d8c2a5adb25bcb195fdf75ca0131df3fc9634792b7ba4c9d216b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    274d62c8f4fdead20911db0f28bd414d

    SHA1

    bd8e8c523a669ea41a387f758a4a9e171996189f

    SHA256

    ab43b808e625cf3ba412cbe476e90b3a50c08106561241beb4c7885efcdb89fd

    SHA512

    fe100f3114615f46e8189350e320db30e6c558d9d2506ffe5e50a07b4f25292b92ebd21148fa75fe065c23c330880c0f403401357dee986d7a1fd54008bc6d07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37f4ceda7c816539d3164174c9e441fa

    SHA1

    70809ea4d6250477f378da6caa28bb242d522c3e

    SHA256

    549a687c129155908a2bfd52ca965859c1c2444cc5286f5eab2d607b3885b320

    SHA512

    72d905cc59f9d3121480a9c76fc44d9daa1b29c5bb1b356d2a03569f9b7b5284b5898f31231df18b02c6ed68e1081dcc59f31917ede029dba58afcf4bc28a8b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f6ab4f50383ddbcfe09600a52aa66a9

    SHA1

    dab9b736928fbfe3de3c5ba840d003144577b531

    SHA256

    24485038efcf5b5c0f208fe39d3025d98790e861dd0b990beafc5e860994889b

    SHA512

    214921f7d69fe0c7051a375373a3b6c90fbb7e233160920152134285e0e063b6291dbd7cf35aa1afe61f7e70808cb23232c9263204568a32d75aa2e83d523912

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f78a62e29816e36918f52c06ad81c7b8

    SHA1

    8a608562bc6aac740ffca1ebdd19fd900d711dc5

    SHA256

    d3c1680536d12b610f0b58be97c3392c70957662af8a5c9bdcbac78af7873beb

    SHA512

    4e4bdc6784bd893c1d956b252ad208abf0ec94e6b61201bd84ed89e26cd5c332b679575aa61576d6e5c474c03a84e4fbf94cd3c0c0f085d8e058a6ac5a054014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20cf954b004306ad79218e4b25805cda

    SHA1

    fd01aec336718968077849877fd521caae4891be

    SHA256

    13b73d8ec23469ea8dccedf188fff9cadd1579708b43c480989d142dddbf1efd

    SHA512

    b2843dfdaa8635a588f7569912457fb39d351938690d8b379a91bdea1a74b18a1cf2db4fdc7557b752ca1c07bf5abdadfb55195d9cd1c13f8ffde2659c4d368c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bca49d3c7dbf3af1ac2d838b799f53fb

    SHA1

    fcbe32e7a6b35035b1aaf24e719e3a8744f3a4d1

    SHA256

    6a44b2c3749c3d2b93176b788689b19050cc57ade17a6d3e5c0a0f4ce480883b

    SHA512

    ec8b89090e760e288a5df647d3addb1e0de02db9f16963538cd9e034f73fc0dae97cb135919ce520717b428f9b8b98fa7cd3720cec7dd8ebacc79412464c3cc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b40f9078cc656077b29e55ee916bd40c

    SHA1

    caf5771f8a71d7d2219d63d0d0f159a96d1a3c2f

    SHA256

    6fa1ac73b69851bd4b8e188451324b26659d7e8951ee19171b47e6e77b6bce3d

    SHA512

    c2968d08bc90b6d98a453ae388f63b3da83123f5d0ac7e71340796e280972bb95610cf77590d83cf3de3c38d3697ebb79e61d1f99e7d9961dec7b4f61323fcc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75ac76f25d54db9ce2afe1c87a4e8fd7

    SHA1

    b1d248aa3d4209d3fe44fd6603f37f8923dd2e48

    SHA256

    4606a672cc39bde35f88a87f3ddf0119eaee7dbeef1e196e2267eae0c6b4f4bc

    SHA512

    5d775c0ce52ff2a2d31e04aafefe4be4148d72056c9f5d983d728d93fd460c5b1b4cb91ea2f83ccfb299107dcd5496fd29812837024f77038e26e35262ffb379

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b18f74fe0f7db5d1d78b8753951624c

    SHA1

    c6288ef19382f31a5a96bec8107cc9a51a4223e7

    SHA256

    052c776ae72c9f866263fbaa5d6f8343048d35f6dba23d3e4c41a5536c59082b

    SHA512

    a0540cd19216b7dfc06a76551139a4a531f6cceaac491b1b68815c8ccfb9d53eea64cdd191be70bdd13d49977dd13ad083a213bd50c793ca59a3859649e865c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    663156c80cc7292ade4dab2a60fbaed2

    SHA1

    7d3c692c2a337e76de42ab34f1c107ff946b62ff

    SHA256

    2211d118812d814742c946aa73e7f0664c87855e391d44e95bd33c13f5991e96

    SHA512

    652975968f9ae02c04eafc12ec4d0da2de30154a8e14deb87577897d94636c27e27e8a4ca63622f71c5654167a8bdc5d017b26c6c0d3f36c6701e7296ffa40b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f45cc7cbfe42cbade0662e8441f4110

    SHA1

    d529097264b40930b70a66eba6a6839c50f31b27

    SHA256

    c949030f8cbb594fced7b047303335ac8be7444daea590c720732aa37a4d283d

    SHA512

    bb23dcc27348712bebba45a587546ea04c5e9aa2f4c75d92e34e023913cf4d7116f4cbc1fa03a7c7b2bb00256f2ebd8580571d3b680f587d6c9c431dfc21300e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7ac76b72d04662ae85aeaec6d346781

    SHA1

    b45ee8863ad91dd920ce9d5bb93d15a57da38b93

    SHA256

    dec7c3c0c7a173ecadaf9187a01627de7c02574d8957b790cd82fa34411286b1

    SHA512

    9160b7922c5683522993c1a9e1d99c8b19bdc3553ec5f98536e33d98b740c38bf2fc366c34cfa09322f14c8146b3462a72de67b9e1689cfb06947d9fd9765c2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e52d441216bf328072172decdb55673d

    SHA1

    1ae4d82992c3ba62cf34ff25924ee1cc826ef0c2

    SHA256

    ed03f536592924560a1fe2460a50f3f9183a0959e94197c5d9ea34182a1517f2

    SHA512

    661790db65107bf98608bd8aa996abc443193c4838b1980fd3dc73cdb3b3fad1f93808eb81481fc18e32ed937b19afbd098061a59428d811a8323d2c3028e926

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    527280e6262bf595b7a877a3a589989f

    SHA1

    30a29eb976893a859a10a820af4043fda93e4871

    SHA256

    d3347fab54e482a6f7897a30e6f72fae3fa171a28095035e25061e09f7441043

    SHA512

    66ec24cdc606ca09fe171850359d22de2b269787d29c189da79bdd4166ea367ecd20e1d10fc8b6492cfeafccb811ab6afa46bde94b24b5a1c77a4c145d93584c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc1c23f74437bc1b3ee54233f8c54ce5

    SHA1

    d4ea8c47ee89414d6e89b5fda26eb3bc3bda11db

    SHA256

    fe4736bfe5d3408823cad5b2c163f22b494c0f5925db44f74b2669ba48cd88c5

    SHA512

    dc62f402f516e334a43b856bb634af2088107a930f4451cbdc043c323b97c8d8f822998d9f75d1d51ab29d48dfb8376095ae9eb43ebb92441bfd8c5a3817389e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1cb42372236d604d21e57ca2656fd73

    SHA1

    086bb399c73d0fa38c17b3d5cac5fd8ef9c0ff01

    SHA256

    ae8cd3fb4ab629ba3c849837570d0d83ebfca8110c645ebaeb34e98f5cbeb192

    SHA512

    42ee0fcc155451a999ffd9ea8eb9113db4c8d0a1f86a7e5d35fd29b0f5b696fa74746eda02617b1f3672324c0a0eafa20667fa818abf00d2cb040da6096c26a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71103f2bd631a4baba16f048352f27a1

    SHA1

    6bc8342b183bd219e0524978d6db2546cf674ef4

    SHA256

    32cb85cdbc136ad0a8e437d9caa274f23725f31183c28a195ca1b1a71f843849

    SHA512

    865715130c41531643a7995f847ab92594734d93070f88e8b4f783a06ae7a4039dea9f95c02fbbea153acbd76fabf95675c22da0fcc48cfc8ae9abf760ca309e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab76C8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar77B5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit