Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

柯师电�...ut.vbs

windows7-x64

1

柯师电�...ut.vbs

windows10-2004-x64

1

柯师电�...hy.asp

windows7-x64

3

柯师电�...hy.asp

windows10-2004-x64

3

柯师电�...ss.asp

windows7-x64

3

柯师电�...ss.asp

windows10-2004-x64

3

柯师电�...up.asp

windows7-x64

3

柯师电�...up.asp

windows10-2004-x64

3

柯师电�...up.asp

windows7-x64

3

柯师电�...up.asp

windows10-2004-x64

3

柯师电�...es.asp

windows7-x64

3

柯师电�...es.asp

windows10-2004-x64

3

柯师电�...oX.vbs

windows7-x64

1

柯师电�...oX.vbs

windows10-2004-x64

1

柯师电�...in.asp

windows7-x64

3

柯师电�...in.asp

windows10-2004-x64

3

柯师电�..._p.asp

windows7-x64

3

柯师电�..._p.asp

windows10-2004-x64

3

柯师电�...og.asp

windows7-x64

3

柯师电�...og.asp

windows10-2004-x64

3

柯师电�...se.asp

windows7-x64

3

柯师电�...se.asp

windows10-2004-x64

3

柯师电�...in.vbs

windows7-x64

1

柯师电�...in.vbs

windows10-2004-x64

1

柯师电�...nn.vbs

windows7-x64

1

柯师电�...nn.vbs

windows10-2004-x64

1

柯师电�...gd.asp

windows7-x64

3

柯师电�...gd.asp

windows10-2004-x64

3

柯师电�...ow.asp

windows7-x64

3

柯师电�...ow.asp

windows10-2004-x64

3

柯师电�...n.html

windows7-x64

1

柯师电�...n.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 13:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    柯师电器/admin/fckeditor/_documentation.html

  • Size

    1KB

  • MD5

    7dd55af76abf3362cde8ccfc2a260e76

  • SHA1

    3c4e6e0d1921df0a5dd54896c756c60eee3fd26f

  • SHA256

    b521857b2f606adc2bc984894c4644f273d5c6091572e56f63c06b11226355c7

  • SHA512

    8d5fdd362ab968fcf703a5ba5bc2a7d65949c7962e196f2866cff5fc0be712dd21dfba43c1b4f25f05687e4ffb185f24706b897696e6c31d5295909ded6cbffc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\柯师电器\admin\fckeditor\_documentation.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2448
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2448 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d8b5c0b2f7210fcaa1a6d3ecd6d383b

    SHA1

    3d2718d8610073ff72c03e54f912133df2e8f297

    SHA256

    e68df47530b7cead841e7516e7300ae828ddc34244ab3211400200599cc220dd

    SHA512

    aac12c7fe02de92313774d96295d03e0f5a9d0a3821d698fb11e9b1c0b481f1a9b2fd3a0ce26b3522c0061ec491e45d6c76038ee34833d9292c329ee50a13a25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fcfb4bae8056bfd294ae89839e979732

    SHA1

    b1a58d5a28cf91ad4568805eeb7433537d79ebfb

    SHA256

    ecb48bf48656b02dcb935be1ef49887603cb87f49965ced81d6a194a64c52980

    SHA512

    5962ad6604971358fd6189e7696400d5ac5d1d55e797510f2b344126b40de24efe8e11e1904b35226b316bb2f19d197cb2f239a6c302eecf0b53fff8291d7774

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83289825dae3b0fd264782fcbcb24340

    SHA1

    8a76d9259d0c6586c113b36d83163c6c6e73621d

    SHA256

    60fb1014dad3f22505c12f685dd4044636784ced15a34b4f82f5cfe0a7c822a3

    SHA512

    248e06b3f3247107a5c78304a0fecacc9ebe48aba651d99338ab6bba136775170967c73ee41767d7d876deaf69137411fdbf6fc405f1f6217a432a9c9d6f608c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c354481553db7e9538b0fc703fd6f31

    SHA1

    9b7d542fd778b3dfcb35611bb93abf4eeaaa9f51

    SHA256

    8173b845284bd5d0bd9eb81bf6837677d406547201c6fee3b677c795c10f66a4

    SHA512

    969603718be4c005491f01118b614f3f4ede83f3c91c63ad3a84c1317a16cad660eb397cb3d7fc1e8a8952debf6345228f996d8238d9ac085858c4bf3373a553

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d15c29c94c5b5d158ade26bc6d274c3b

    SHA1

    b4fafbab31cd5ddca3f5e64dfebd11dc9340ed0a

    SHA256

    85c0131630d1c6e907eda3a4a3a289d187f2bb97c064772a25658e01f736c61b

    SHA512

    46b7d167af26bfc31620f465dda813a4865446e0da2937760b482fa6ec1aab20902f495d242207c053945a49e9d3adf22351f2a8c1d573b1ab7ac451788b9767

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e769cecf65a0bfbec700f691292af98

    SHA1

    d2f45de39ae24e5e391c042158c535c6f65b39c6

    SHA256

    2c1e0aa37540acf71604dea6672790b3b91ec2cf50e9a159f7936ba7474b0c01

    SHA512

    a2d766aa5516fafa9c92991969ce50cb10d43cc35cddc1c1a40d8b7fbcb9fa94d4939c409f5ab62395171c577d4bd8990b9603c9ec37166368a50ef2f70cdf75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77fa92eeea3a9483f666f68fb2032962

    SHA1

    6940291292da89957128846e5b7959bf394f9b1b

    SHA256

    af699399c5a76c071b76a399a29fb399245d8c8c65c5d7936df67154982fbdeb

    SHA512

    b2065374d9a91b043bd24a56cb1cbf264fa1dd8416914e2d41487d1edca6f7769f9c01a74160dd2b25c8ec130528a25cf1203ffe82a753d3280c9e52fb0979e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9D98.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA24E.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit