Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

Funshion/@...��.exe

windows7-x64

3

Funshion/@...��.exe

windows10-2004-x64

3

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

Funshion/CoreAAC.dll

windows7-x64

1

Funshion/CoreAAC.dll

windows10-2004-x64

1

Funshion/C...rt.exe

windows7-x64

1

Funshion/C...rt.exe

windows10-2004-x64

1

Funshion/FAQ.url

windows7-x64

6

Funshion/FAQ.url

windows10-2004-x64

3

Funshion/Funshion.exe

windows7-x64

4

Funshion/Funshion.exe

windows10-2004-x64

5

Funshion/G...ss.dll

windows7-x64

3

Funshion/G...ss.dll

windows10-2004-x64

3

Funshion/L...an.dll

windows7-x64

1

Funshion/L...an.dll

windows10-2004-x64

1

Funshion/R...ng.dll

windows7-x64

3

Funshion/R...ng.dll

windows10-2004-x64

3

Funshion/S...me.url

windows7-x64

6

Funshion/S...me.url

windows10-2004-x64

3

Funshion/S...wn.url

windows7-x64

6

Funshion/S...wn.url

windows10-2004-x64

3

Funshion/U...ry.url

windows7-x64

6

Funshion/U...ry.url

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28/01/2024, 17:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Funshion/SoftReadme.url

  • Size

    73B

  • MD5

    0cbf9e7411800f09b1abf3acc9265500

  • SHA1

    34aa97932f3b8f04ed03a08a31d8d5a36b742bf1

  • SHA256

    e7414f9999d118e23d5f7458c932ceee5c59baab956c0f175bf4e64fcda028dd

  • SHA512

    92d5999ce657bf4900f9a22e3461367fe1b47e8de5565dabb81d8b928edd114cc6d8822eb6f240aca0fc783ab0eaf309abd8f624e9f5280ca9718e18f2436967

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Funshion\SoftReadme.url
    1⤵
    • Checks whether UAC is enabled
    PID:2084
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74feeb9ce59bb65db63231a23fade832

    SHA1

    30aca61f24597cb102adc9c120f8fc062a38ac95

    SHA256

    e6967211a82f314893bf9c33959e06a3fa88c6665514a0d1da7067fbf9240e65

    SHA512

    47eaad209d2518c400dda9feaaf2083899ba8125d731aaae06c002cbd2da97d05d0f80d0e4ae4bd3efe8367bd2c69f6b52b48f0f8e3f877c590b10ea00844077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    545eb8e38184eadf06114bbfed5a7249

    SHA1

    7d2c02d7af364290276102f862c385e057adce83

    SHA256

    af44080f436921437d4b29cf6be64db8ea443e265039c6ab18ba57f67b3e9d71

    SHA512

    8d1c688b24e2fa9a896b503b59ec768e8d5ab5ac2b6aafdb3721a38c08663ceea83877264a46330cfce4ec539d4806e9c8d46848ed2cfcc7879b4cd74310463f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f56f773c52de5eb4fe03157997ecfd5

    SHA1

    3438e0152c50d91deadac2167279c1eba150f110

    SHA256

    a856c77504bf82fc0ce2a1f1c9e2b240ecb0e62a89de5c69c9709ebff32da31e

    SHA512

    441abe3a0a7363a4d9662275010323f1d6cc9025fc12b13f73e1db0adedf81a0cbdcabe9de0726a13adabe8167ac7c601a0a362a46d12553c5f3ad8a95fab43f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26642ddc73d4e9cafc1327d7baa062c2

    SHA1

    409759c34f893660392c75232d67725a603c2101

    SHA256

    b2c6cea1367b57b78ae5cef74415892e7a7c3636f07e886bb35736865f64e5d0

    SHA512

    4e8d7133d8b25a9e2ba1bb9acad5702b84b63c3e95b95fc506b206806b19685aecd917b577886339e9ae7fb74f67c1bc258c64badca1d4353f125d5d573ce46b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28b545a4d50c201ac8c771032a5b88c0

    SHA1

    9e7fb58c6eb5896625567e7db5176731551d05d6

    SHA256

    8a5b84bb95e91b3f64595fbc9987ed34ad96e79803ff630bed8eefc8dbc2dd9c

    SHA512

    89980a2f69a2f152987b59e0f1f0a09d5631b8ed5bd5b836dbedef48fa46b8b72e625192942b24cc152a2ddc7f9859e21ceb9d6b29f58523f98b9cedebb336c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dc82c344b95e7120d509a02c2db0f84

    SHA1

    d6c9022e39b98749d6ccbbb46eda3a13004330d3

    SHA256

    9479d6fd7a98d69d524f6f611fcc0e313a26849c19b5b90a940753c421021bc8

    SHA512

    a640668760af2ecea41a61092e659af68018cde997924f61d3fc1ed4064e3f06ab1c9ce94205ac15bb96427949ab24f71c2b2831369f97bd4cddf8cb2f01681e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf1b01a6f1659261d6862302c5bac7a1

    SHA1

    66750717c0aded57c224b2fcda3cdf9f012660ca

    SHA256

    98509fae42ca33012e4b65f24ee33cd66f58b3c265bd5004a7c064adbe003320

    SHA512

    afbddb96c91cbbeb6bd4e42309b561c85ad774e29e960646a08eb26500cec3618cb18c7daf7c3d190ce565e8b268dea51b2d4eec1985f2c76b68304d19f7a0cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    702c917b3127e7bccea652596bae98c5

    SHA1

    5d5a8cb3b363a8e400301cb48a4d13f23a952538

    SHA256

    073d7c6a8fd6f9797948b7aaa7f87a23eec5d7c830218497f42ff28262cb375c

    SHA512

    023723cf437ad00466062abb76f1615e5c12bb04cf0c811d8eae9c6dac4b51d6fed14570b09295de037f006e900d2fdf918f8190cb014c604e081afc3bbca940

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f41ca0421ec57440e15f2c6d0cb83540

    SHA1

    d8281d7a90e521dcfdeb4ce5bc29d74d85f64cf5

    SHA256

    19105e7f771007cf1075287b31afc3cda5891bf0d7d6b92ce013e5528b3897b5

    SHA512

    1106329367a66dbe9848dd416ff4b1296fcded397df6459f7a7045022d8db1d3d65c53eebdb3b53c2ddb0c2a67d1c18db9f14a83d25ab08d2a2aecc02ec06b89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4771f2f84ca184266f0ebe464e175e05

    SHA1

    557d6ddcf3f42fee31eb58db54f7b7651e3db85e

    SHA256

    2af1cc04d951bcbfad0001155521d6480e29d930a1880b16ca2280678bf422f3

    SHA512

    275e3e88d1add7efab71d38fbdf0a1ad04908a42bb2afca3e4cba822bed56adb281e7f3d79beb61674a4da2a34a67f49a9fbed35e2b4c4ede146b4d8b386977e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f3f93b4f724c048f61920ce8e328db4

    SHA1

    51d695c60951c5a8f63fc90560be0a082d31cc87

    SHA256

    9a97128ce95a5d46f3b9caffe6a35d681bcc12a7e2d3081b7120505d30595b20

    SHA512

    95432cb47633e1cd17e6afb67c93b93de51c53988b527f49e2a7f7d407bc362006a2a65e02bcf296ab2b269c7a1d1bd0894d0abffa9aa556bd0efc3999ddc8c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c583bb88b6bb2f80e026d5d107397700

    SHA1

    90ea16b257db5cd7ebbf61b7f6ac7b1bda6a7add

    SHA256

    7a4d37a8220621bfee6f546be680823303a996b5604ee16e8dbcc2690283ec23

    SHA512

    16f7f94aeed18c826c6e3506a2b8802eb5363e7993e01b7d299915abe5722457f849ae88f6755e755857b2d705f288b63e31e080f778ec6b14a99f0ec085ece8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86b2778a7653c5a98dadce888721d1bf

    SHA1

    057321e22cf19d2f87b9c05c7e10d8c0a9868c24

    SHA256

    d46b08e175f56b7fb358a1b5475b0fdb94fdc7a968a35034033d0047578423a2

    SHA512

    f8a498c9a4123dd00e04972b08b7e1bf953db5fb6405a778b43f92151fcbf416a23c88ea73b14629e4f6f283a6980b6ed5cd4d336df60804245cb44af348c217

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f361a6cf1a56c7376f7c35aee11ef49

    SHA1

    699711d35b73bf3c327fe34dc616f94c4e0f9dbd

    SHA256

    a618a53016f3fde61e03f67f6643d007f7d1f762774e46d89f9962983b5989ea

    SHA512

    0236388bca23c54b600699a07957c44d6122ddd303e1b493d72b361703bc77d7dfa14eaa604b4210347a73e84e08eae146c4ba234ab050ade45386520e520a39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70c795467a7707c9f31b02e390ca5db4

    SHA1

    f9754bd926a9566d828e8d8cabc5c176406de62b

    SHA256

    56f956e2e89aa0333afb10589a23813de23859647fa26b65248af3614291bd75

    SHA512

    6671fcfd090ff5b3ed32ebc68af4e12d0740489ec014249af8f085dd18fc345e7603f6091598ad29d5c45bd11a2a442c631771f3eb015bf1f0150ebd7540fdca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd9ebde36eb89209e98b180a011f9849

    SHA1

    fb992261686d3d7743035f109d694ea22932cd80

    SHA256

    bce180f142332531a5eaded847ffaf1585b9c7aa031a6fbf906088f9b3838313

    SHA512

    2a9c4bd197d4da6912074df2a47354decae9f3d41dacc477f45d57c43a18fc78ab78b9306d54a06d7bc3bd0a63a8d3148ebd676a1e5113f02a8023790ccfdffd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3a9f2120b5207e18005bf5edd70c1ef

    SHA1

    ff970e5dca4a9fe20fa640d9d85ef589a39917a6

    SHA256

    dfb6fd8ef52e12c7d36d25dca8275622fbd437bb6e69de1895cbb113dfdf93df

    SHA512

    e0c217e7bc13921e6d713781c539e5cfaed8ae02755fb76c81497230350464486712c678926762dfb59dd92b4ef31fdc24ca8a7cb5324677b3e5076ba9837dae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9A8D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9B6B.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2084-0-0x0000000001B70000-0x0000000001B80000-memory.dmp

    Filesize

    64KB

    Download