Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

7b857c19b6...2d.exe

windows7-x64

3

7b857c19b6...2d.exe

windows10-2004-x64

3

$SYSDIR/Na...er.scr

windows7-x64

1

$SYSDIR/Na...er.scr

windows10-2004-x64

1

$TEMP/dospop.exe

windows7-x64

7

$TEMP/dospop.exe

windows10-2004-x64

7

tbu03852/dospop.dll

windows7-x64

6

tbu03852/dospop.dll

windows10-2004-x64

6

tbu03852/options.html

windows7-x64

1

tbu03852/options.html

windows10-2004-x64

1

tbu03852/s...g.html

windows7-x64

1

tbu03852/s...g.html

windows10-2004-x64

1

tbu03852/s...b.html

windows7-x64

1

tbu03852/s...b.html

windows10-2004-x64

1

tbu03852/tbhelper.dll

windows7-x64

1

tbu03852/tbhelper.dll

windows10-2004-x64

1

tbu03852/t...091.js

windows7-x64

1

tbu03852/t...091.js

windows10-2004-x64

1

tbu03852/u...ll.exe

windows7-x64

1

tbu03852/u...ll.exe

windows10-2004-x64

1

tbu03852/update.exe

windows7-x64

1

tbu03852/update.exe

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    27/01/2024, 23:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tbu03852/options.html

  • Size

    6KB

  • MD5

    adc6e16ce6e97bd1eb19d3a8dad7274f

  • SHA1

    12b55eab3225b2250ba051803f7d791db59a46a1

  • SHA256

    29e525a91d8ac4ec6bb2fa299a404d9f151b45400c7cab09675a23469373435b

  • SHA512

    2c4bc233ae8741fe0a6995845aa88d707b347cfc78745fefac346ce27ddd5b799dd374bbba15516f6e61348f52720be3639cf0cd925a599250a9947a33ab7103

  • SSDEEP

    96:BKQ/O9mOdYCQiLFyzNYs90Yi67mX9gPui39bnLNza7/OBgx4wTn:BFj1cFUYJYnV6Bm8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tbu03852\options.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be65894917b9d9fd688dc96debdd4eaf

    SHA1

    041e6e0a60a6872b4864986211a968dec17f124a

    SHA256

    7b22ad833748b8ea4b02403bc66462366808555a1734c579f41a09f42af2a027

    SHA512

    83f71349a8cb82bb6a3eb1b9e31070ff613ab2e0b6a945a872e6598cf8c519f7e9e7c466286e9d433b40161c16ab8105a30c36b8195fb396f6d231a645868dbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a77768742079e647ccf5da283bd3f55

    SHA1

    f3f93ec8a0de7c56ee4905f876992b0285fe1c95

    SHA256

    2b479bb34eac968bf6090758ecbc1d9117cb18092e5bb6a53d7b53d324045674

    SHA512

    4dbf00fe5456bdc1fac22ef51b89edb4c2c78eb82947116fb5533929971cf037ba3640b4b22c752913ba1b7aa7a849f3b143100da30d288c662d656beafd1a04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    673488cf3402e717ac945ee8b04a68e0

    SHA1

    cf354dba8e45125acf64464508b5ef76f6c40480

    SHA256

    e1a0ab2fa670daa895540bc024638a0a98bdacd3724683062119eb49a78b30fa

    SHA512

    b42563479299d8b0a8791bd597a79e94939174ba5c26acfdd50ab6e606800e865fbc903e246617f78ac67114b99de4ba5ae0b5436951e195316783d48714c620

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc18da9e4a362e47ff7b648043ecea04

    SHA1

    29a851e02a023ecae482de3abfd79bb64c5badb2

    SHA256

    ee6ac4deb2f2aa82459d3e144ef752f2d4148b332ff1cd2785bbf63fea7ed7db

    SHA512

    9accf23d3ec8bc73484389fac85c09d184233d4345b95c7ada23eb3ff9908fe40b18d5c4eae4dca90d701d1c4d687e5f28aecb4682082705c02fd97a01cc9b97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fa79a1720295034b79b8f5fff005edb

    SHA1

    0ffd5fce0df5e80f3a4edf398ab91fee4e4e3948

    SHA256

    f99dafd4c4dfba2b3e8472f596c554a1431b7cdb28be56cfa459568fddc3b85c

    SHA512

    80632f36611f26f238eb021237ed9255cbaf85d49d514ef3f0f5fbb4db21b98de8a15c3271628c616b162090169a6b9e6bb952a2a4c05d42cfa5ae61b022165b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2934363fc4e2d8b2584d51c4cbe7cad9

    SHA1

    862010cd73ea4b60032d6588541ca02024dbd996

    SHA256

    f3d8a561035f9838271caaf90caec9f126f64724dae0c0b6e70f5f43682a8fa4

    SHA512

    ee5d8f4e35e24c38071e399c9386d9571b328aceb069b655296e5b9d3968f3123ec9ff0fae66d1c672730365290db20a5c80e446869953ee8977e90c6ab3dba1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    adcccbbfabb024dfe424126618347653

    SHA1

    0a07677bdd2965ab5bdd9cbc0f14b84311c23049

    SHA256

    7661708f3d35959526c581edc1cd0460bd1b524d9b860ee17913422588f720a6

    SHA512

    30d25fb2c6a2d68d292315f621da585c622bb29871f7ea531d5964380ca618638b42fe9c3a421784edf0cbe140998cdad5e4bc05f0199eb710fa6db14f132776

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4083c6ae79bf191877887765f4e1c23

    SHA1

    a1c4511e8e6365ce2625421c0603d1b1e152f0b8

    SHA256

    1bb8a4d0d6fbcab92f2687779e727ca03e207e6593b1f96f5bc00c3040ecf5dd

    SHA512

    27327b4a2f18cb654d90cc9ca556c29964021d71e55feaa39f24a3b6f7508ceb303df03b6802887ff74009d5c24396700bb1c9c9cbd8391ff7d621d2da83ba43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25bd0d3970dd0cadc2e5b170acd5af2d

    SHA1

    33582aee5d834404fd802549996fc9c3fd8bdc5f

    SHA256

    0decbfbf23540c1c66fecd1698c85b63a36876826f6b8796091a9ecdc5e29fb8

    SHA512

    15529c1f7d12e2dd07eb817c6c94f5c66c575095f54deaf662ef49e84c5e6a18c1a073f47e4a6c6d3064de4154c39ed119487a5ca5093e83ed72503badb9feb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b16771a498c34a286663f9002a1ca4a

    SHA1

    92bc6082bf45b1fbe7deed405401ab9def206d1c

    SHA256

    ffd583e8f112ecb0c0ff3d3116c8bb76897b9d91e597b4da9826c8dc63d1773f

    SHA512

    4a38d8e648608ff46cce21b4608595086648ce228d67b8095805625250cb4902b413721691c7c55829e3fd138d31226dbb0aaa667125d2f23617aca0ae8555be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c84725c67cd268e85e01b23780eeb1e9

    SHA1

    96aca9beefdc2d5b06837bad246cb46d1889e876

    SHA256

    84ba505627f523c03c277e6d2f5dec88ee4be09cb91cc3630200e1b8dbcc487e

    SHA512

    c3d0326d724721677e3a02e1b54ca27be728d3338818fbb01bd9d29a1c0e4296d0a65dfd2981247a054f3137ef65b8f624a0c1a4ed098a42fdec79414b894118

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec9ba687d745533234df3748a2a68e4f

    SHA1

    c72f5cd39f8ee14fe4996e73c8e63dfc9a4aedde

    SHA256

    9b1c61fa02070ac66aec944df7b86725eac2bce18a612e9a4fe376bff1524e7a

    SHA512

    c84ee659703aa9daa59ad534f86b7d152918c0c783072990fc472334b919fb531d50f59a326272f1c3ddd08b72d0c6eec4d9fb84a5f9ee5e73d1b2b14afb3800

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87a3162569f3056962fbe9880df0791b

    SHA1

    6fc95d8a397828387cdc4fad8fa12bc15c6ccbb3

    SHA256

    c2519f265e81204a0c3fb143c2789c23bcda600efc433641781645960d42138b

    SHA512

    8562c70e5fb0032804ef078f7ddbf74c385999d65d2c24ee39847b7659c3552ee0a7aa1ea0e63387e4bf9b9b9d0847cf46597ee550e4e37f7f9f4d51ba08e0df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4343e3a9cae78add8f32cc80a508ce9

    SHA1

    c7bf918176a997a956a25d974e4cbaa4df5b2b21

    SHA256

    0c78ae166301f98e216000ddfe2845ec56b6307fad636a38a78f6e5f9c31c3a6

    SHA512

    2a7769ce7c7f4fdde5d569ca555429c01721f649e1f8427c054467cc33cc22e9f7e5f6ffd437153d583cbaf37051ec3fbf1debf5e1ef2aca98a2a674d3546f62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c25257f6e050cb79bb5e68a855c4ebbb

    SHA1

    a76008e4606dc39c713cef409b1acf4e0aab39b8

    SHA256

    d1636aa6cc4b585b49cc54c9ac9617fbe89203a2ed68b9042531a628b0997b32

    SHA512

    921c88ede7a3cdc761e1af7e22f2ea1ad66840dd67bd3b73762e23b05b261a031fa056039ddabca0a8a9ede0d71d93c11aa4e3af757edbd0389439cb51977bb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bebf9b2e7dc0f49c44685abaa53f1202

    SHA1

    7e15242392e3b3e0cf1b433a15c6caa1b363bb83

    SHA256

    e2a209654f055391c7f7d920f3d8b9deb51eadcb34e54629060607e99ba754a7

    SHA512

    c44313216d53cda6dfdcf23a71a9adc8fd12a2b2a7a039286172541ca3ba167f770db1d8f7c60ece5ac3d6ebe4927bf97237c60d0abe391c72803b013be94ff9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    258f64469d212e6d03727555a9e6145c

    SHA1

    1fc571d873c75be7cf8c645fb0ec33c43dbf43c8

    SHA256

    b17fce907874b2a55127f54fa979a048dde85468453d5626220fdd4753a1538c

    SHA512

    feab9c24f072ff61e48f09066ba661d0aa83bc10eb4b834c7d8e3d0e8938c388ae6500cd875b7838a3590e34f8efc3a1c9461368a97db38887ca1dc06235a90b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6D17.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6DE6.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit