Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

Funshion/@...��.exe

windows7-x64

3

Funshion/@...��.exe

windows10-2004-x64

3

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

Funshion/CoreAAC.dll

windows7-x64

1

Funshion/CoreAAC.dll

windows10-2004-x64

1

Funshion/C...rt.exe

windows7-x64

1

Funshion/C...rt.exe

windows10-2004-x64

1

Funshion/FAQ.url

windows7-x64

6

Funshion/FAQ.url

windows10-2004-x64

3

Funshion/Funshion.exe

windows7-x64

4

Funshion/Funshion.exe

windows10-2004-x64

5

Funshion/G...ss.dll

windows7-x64

3

Funshion/G...ss.dll

windows10-2004-x64

3

Funshion/L...an.dll

windows7-x64

1

Funshion/L...an.dll

windows10-2004-x64

1

Funshion/R...ng.dll

windows7-x64

3

Funshion/R...ng.dll

windows10-2004-x64

3

Funshion/S...me.url

windows7-x64

6

Funshion/S...me.url

windows10-2004-x64

3

Funshion/S...wn.url

windows7-x64

6

Funshion/S...wn.url

windows10-2004-x64

3

Funshion/U...ry.url

windows7-x64

6

Funshion/U...ry.url

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28/01/2024, 17:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Funshion/SoftwareDown.url

  • Size

    67B

  • MD5

    a050daf469174fd816ca3df488a72400

  • SHA1

    f681e601e196d9f0dab7733d753fb920db35fe08

  • SHA256

    66891825360b4e2c2501918947ad0b1c772da0f22de62096b39a62d1cb8a63de

  • SHA512

    5234711ddca05ed479bc59f1fa601fe50d49409c92facce6319ae1eeef8ed5abc1c60e98ee1ed670d7b3e2ae12372d28e10e61cf78595b33f620e83449746089

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Funshion\SoftwareDown.url
    1⤵
    • Checks whether UAC is enabled
    PID:2008
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e8d3b1e347a441f53de185ab7b4e297

    SHA1

    3a81acf51bc37e4c29b7d459ebf02ec48e03cdfd

    SHA256

    c8be31cc3f761575ddd77e7792a925bafc991216e45896263e4eb4d16f9fdca8

    SHA512

    3e7ebdaea12fe880d5ed4ecf334e4c29cc151da10ead8664254bad721cf50162f1b91de4fe36537ee3e20c6cea80f247ce3433540a0d0709d7c0110825167e70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44fb4df5ffc6dac9af737faab545959d

    SHA1

    c5e66376c52169a6db12e0318148b2994a98350d

    SHA256

    24f144cfc2dbbd359caf727752063a6101dd2e8554271bf3cea05dee3ee81e69

    SHA512

    18175bcb3add3a10e6607283ed126db9d120bba1ce10b3a0c5b6654a78d10e92de4b91586ed73e4540812b5652ab31063bda03c0a440bc7ae3239231efc0c184

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3823fc5d2ae3121918918896ae0010b4

    SHA1

    ce7f5a15ecd7bd88c851d4da857dc65439b7e629

    SHA256

    9487468b48aa5c83f8b215cf22d7debcfcaac8414305cd0cb5a1099889ade251

    SHA512

    a598617b9d797f57fd5ae7cc3f1572f1650c46917406d0c4b71af9b218502517dff2c48be5a251c49d5c10bae66d356d31e6498d05be41c8fa8a9dd68067b606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd7863c8dc3a18bdf9a6c7dd5388115d

    SHA1

    98d3b86abbe573b0e9b5e51d1a424f39a113974a

    SHA256

    5a3225c0e952594deda761d12799c40729e442a182ea9aeb334003366c5efa2e

    SHA512

    f6a225cc1c5dd506a8480caa6cf75690aba408b939634a131b2e3bd0f899b1ea67a94c81f89664e72c83127434e43002301ea32c745e79f8bc724b0b001c2798

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a71ebf1afb50443804504162faa4328b

    SHA1

    4dadbeb52ed24e07cda923e27e5e183dcecadfd9

    SHA256

    1c4bf594034dcf5be0b070f6c421acffbda2d0cb51a6732b0c61068943b3612f

    SHA512

    536747b6c212732996d0fc90634d69476d4e7a895844237929b7ded183520208f4d55c99141b3098e8aa8f3539985cfa20bce2c2feca99b57ab9234a960baa96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9daf88e44b575784a842089ca1f2f75a

    SHA1

    eb89d20fd9cd30622a95ab45e4ec3e962ef4e3d3

    SHA256

    f4b07c212df20a0e36411927f36839b0e47f32ea8f6d3febb62ec235bd035688

    SHA512

    4ead5cf13e51827a0bc0cae16d16c79c0866f2cedd5d917ba80423126858ef031e0a079641127afd8ca1a9f3e44916a749eba3a67c5510eb467546579f95a072

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e47108a1475176c217783f2a73b569a

    SHA1

    e19b06ed9ae051a34f4108d02dcaf37757652379

    SHA256

    9c8ea72acc9c3da6b0ee2605542d2d9f8b2957c178b61701bf66bac89faf80d5

    SHA512

    7fc5151c7cff9e0cba07ed392c43d2bd5e77e5a8ae8f293ae90949da87c32bc604b5b76c548254ddb7ee3d8b2eba0b21145e7d84ceed85b5a9dcacb26bbc82e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f04cc1a6076c7b5e99699368470f7a6d

    SHA1

    ffe1ebf11e3f34b6a6231873207ad1a3ffee8b95

    SHA256

    c59a1e5b3bab5793472f8f535bdf6b8c9681ea1b06a41f8dc50b63cfc26a4e2e

    SHA512

    5391801860c6a368da45f6a40afe76458defaa5363699ca7f997dfa87a6678ef8ab9b7656661813bff68c4f07649df78a34173ff6784e1d7b3794d473e7f9110

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76f1a0c46a661db1a20963e02b98a08a

    SHA1

    def37c75ecd1182d75bfe2b1ba60d622ef6f59de

    SHA256

    1bb8f7ba50daf62c513cb3df1d918f94bfa648921b696dde8017f23681522b46

    SHA512

    ab336232af52a203f98d8541ca317d93b209aff1d35573b5bb2138779697ccdd43c6a236f8f15b98930b86dd632d26d9588915ca351f1083442f8e1db865b1ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57996ed2e4c2a4d27cc7a5377b67370a

    SHA1

    12559b168e647830ded8f188a4062f5140bf5e13

    SHA256

    ec1992155f4ea67f43207cc79073442cd9022781932d26846c03d225cbfa58da

    SHA512

    a7804ad1b5b83c45553716e25f2eedb44fcc9d8e6b7bc8d7f49e27b2d54a44812c26c2f55d1bbd5c66471207c166da865e1bd44eb7960c5e6382f9200cfbf29f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0cc0702d0636ba35cd27b2381577471

    SHA1

    c122e1e0586134f7cdd4fa2709fd1ba3389e2f91

    SHA256

    ebe2b5dcb63e2cd742ff0aa8a98eb755b134ff8041af18b35a243d807c22ad0a

    SHA512

    ad1c9287956f7777c198c93efa1dc924c6029919610c24e5ad5b06da2d610b0a2b3a47e4d7c76d80e5173aabb9a01b296bb1d075374bcab283b8448523aacbb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94acd14aca8fdf47d4264aed16708121

    SHA1

    d79d7c8e06c2319ab91ff1eacecd5803352e0299

    SHA256

    4ceaf0beb5671de21fb01f1d370a0a478560221b51de18967b2a16b521d45d01

    SHA512

    17e14b97b0d53dac50335f2c38d121afd218218fade7463cd39e914726c919a2d93e7edf63a023c0134ce5953e2eb265e5f7136e89509eaab1358425bfa2c6f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6f62751264db691c08cb4fa9ad0472d

    SHA1

    bbf2e82d4a260790ed2683d226df677839ca4254

    SHA256

    ee097558df64d4d0fca76dbee4ff1859a94679de0d67a0675fc21a788cd11f56

    SHA512

    d94beebf0c4578a0e179fd16a295e930f847ba09d00be99f56fad983fca41c619769746525b2f70a6cab9f1e568dc5cff474303f57fe93069f7a472edcaf40bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    020a1c13b135ee34150d96cb108592d4

    SHA1

    8db0a1f000d0b38b20848608f97af7d8491bcea1

    SHA256

    281ed3f9e09c869a3a3d66969b57d5ca3813d23cabdcd0040eef67835adc6967

    SHA512

    fec354a73ff12ebae10c9d76634aa416a2f81ccdd6ecb8b6ae1e170916350aae53cf0870f7b2c3ef75537ae4d95d2fb311a01d73e4d245654503832229c674ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dadc4ff041a1eef061dcf2a92d5ac06d

    SHA1

    c2ea7c03e106d6b0e5003f6aec70fef7c7887cd0

    SHA256

    9cbffa6a84da0f5edf4391e667b1f5e7b7a030fe4eb07aea697c53d37661cb3f

    SHA512

    8ac50daa73401f9ea1a77ffa517394e3b06f2fe9ccda7cae9099ca639eca03d7cf6db167fcc9477006dc274742f52a1f13f23569daf594e4e011d4171213bc17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f00464cbeed7cd402c6fc6347842ea47

    SHA1

    5d6554671587c88b2dd1390c93d90b892b4ab0fb

    SHA256

    fece75f51262b87dca46529e58a8c637d42560837714b3d9ca511a021fba50c0

    SHA512

    85303f11246d81dfdb92d22108121e3991d1bd4f5cff5adc652be6c2b78023ce2118c3ee35cae75c4deffc466a3db82ab06a71acd8f6e2ee73ef9e98331dc309

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ff40bc8b50fb0632c297845bf7763c1

    SHA1

    594520a1b70359a0d14cf7366ed9680d3c063b50

    SHA256

    d8006de96da25e245c570d6727eeb0da5a0fef779ad08dc991c1b489d9c89687

    SHA512

    69535f9c922660dfc9ae1081b207ab75ab76fd591af0255bd41c1638157ff7b5856290a31976ea996ed6018a23ba9b20343d3a06845e019aecc9dead1e613a52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b84ffefd9bfe20ba90fcd098c0eac41

    SHA1

    b3211641c861dc0373f18026fc7021f103640519

    SHA256

    2181d7b7e7b4f0e29cf4d65564a6125ad7971fb24a341371f61c41b58af69c35

    SHA512

    b48d978216f03489acb999e35942071d7eae4f3aa20b18c28ca1b36b72725cf99559a3978dbb00f07a8f517dc9e6d34891d9dab0a92157f788adbbf46cc19688

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ded1e303a767b4dfddb22ffbbea2435

    SHA1

    918b0a012106dcade75c3344d3ccfdaaec507866

    SHA256

    f76f1c1c6c5dee19e1b11a88e0c32c53eefccf38f02629f5fb3035fc6f103813

    SHA512

    a5ed93dd8916ac74337fa7f14656d535a23fe796395400b1779b18cbaddba4624cbd762b743116c1417962ee999aa251b67eaec21d6d9775829917dde29434d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2acbed86c6e7126ab139d6385f0dc2c1

    SHA1

    0e7d9bfb50c345d0d4b4c070309e9a2b785b3874

    SHA256

    9627c055900adfb89cf79281edc079617739596c9dfbe6c5bcc6caf487704cba

    SHA512

    3f62be389e123fe03cdabd7eb065157632bb0c95af04877d6f9a0baf8c9f11ad690d6b71d03e8711346333b25eafcffe940f5e97f9a82c53bb224a9fde25a821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6e66dc640d6ff3069e7c96a1084281b

    SHA1

    6bbe07dbaa95f1f8562ae140bb03a84587705306

    SHA256

    60380e563872ccf9ed95e973d4e9390e3c5dda26524ee4bd961499cd4c2e5df5

    SHA512

    1469717b68dc8ee6cf292ae912ee97cb497022462be0622db267c8d4fa06e85b9ca180a620c0ad89fa13a8290e097ead6f5fc200000fda3acd3622774105bec4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c421e1748c6363adc321f209fe717793

    SHA1

    c24f1f1a636bc8a696314c9bb463d7021ba98f5c

    SHA256

    39e2b8515b5d0522a5ad8bdd21be9f33efa8fc970487e51b13e76ca27e3d82cb

    SHA512

    222755230422d5797829cc5ac3d7aed2110784f5eee9bfecc32e2243b1882a5488511e0a4a11d49898190e21fd58df1d2038a8fcc217025d9cda5305ed60ca93

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5959.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar59F8.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2008-0-0x0000000001BF0000-0x0000000001C00000-memory.dmp

    Filesize

    64KB

    Download