Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

XiEqhWreY-0.html

windows7-x64

XiEqhWreY-0.html

windows10-2004-x64

1

Resubmissions

03/02/2024, 20:22

240203-y5zenahdh7 7

03/02/2024, 20:17

240203-y2qckshdb6 7

03/02/2024, 20:12

240203-yy7gpahcf3 1

Analysis

  • max time kernel
    25s
  • max time network
    24s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 20:12

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    XiEqhWreY-0.html

  • Size

    3KB

  • MD5

    eb27a311dd76d711d3b05cda0cb7b28e

  • SHA1

    ba23d0979d768189a3c3639ad5a7d443733a7086

  • SHA256

    c6a0dc2ab8b0115404df325a714298a4fe58871a358a2357cd1572a88134f0e1

  • SHA512

    19ebe9cc766ca0b4b72d244e069eb22b9cbbe4ba77cac49b0001091d9d1348f63d4972d2da6dfc3db8c506ab5b77473bea2dd995f135a309cdbb795ee0d7f8d3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\XiEqhWreY-0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2112
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x0
    1⤵
      PID:1944
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x1
      1⤵
        PID:1192

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        cdf430c0f0b3bb92f2e6849015dfa281

        SHA1

        63e0083d6855e2f71731a8105cf1619ea22eee1e

        SHA256

        614737fbc78370720461c35033c856e6375ab05fef6942b84ee75f6763227ad5

        SHA512

        3c1e9c1029ab6198a1c8826af90da14d314e7d1d4e76f369328ff83d5ac185b027885efcd7fbd11a0a727e1a169a5bacc110c3d6f66f80cc90520181142763c8

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        95b59f6cc1ca70f426bcf1254d37d6b4

        SHA1

        b30eddc6496ec6d259dab94e83fbbd6de8c9b3c1

        SHA256

        6302e4d2283727743e1ef837da7d644900288892885c30d859b4033c9e10dd89

        SHA512

        3ab049eb96d326544752fcace5b80ea18c3aa58e34315bc53328e8408db1ee9b5c451cd6e89447e1c39be8dec76d92aa3ca6c3a65311fd4783a4a0840b3940e6

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        9ab3fbe3b17f9a86c23e90984e0eda5e

        SHA1

        bbf007135dd089620da2d2421ce083fd71d8064b

        SHA256

        b8896a6b907adfed080cd6934491e60a9402bd17b3f438f6a076339635b28a02

        SHA512

        c24a5659c7acf9c22051afc3307ba76c136eb629a1e87839c6377b5f1d92e87b850ee980ce4d590e4dd61df9910b6feaa355176d2e188fc7f69cda8005eb5e30

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        c32841abeed00f48f925c04e20fef0e4

        SHA1

        50990f7864f61016167a0cc163e57409a7ccec3c

        SHA256

        692bf61cc53fc16d1e6b469ce3c6aa4fbf82a20816b77cc3e5a927c8b8cb8ada

        SHA512

        a8ab71a9877a1003e20c4ba2793a68c2f2091cff152361c7fd9f3c091489934bd40d9d787dfe0d60c45804f9e42836341bf5d9ff9b71849c334f91af76862164

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        f91fa779549c9bfc074ebcefc49df0b4

        SHA1

        585434faaad69a0d7d7bb45f0fc348d15ef4021c

        SHA256

        78bf2ddc4e47a3fcd8aa3614763dc03657fd6debf6d7bebd60129431548b421e

        SHA512

        190aa1af381dd3bb8ae6ec6a0e473c68c06c9ade3ad9287cc62674bb66296e3ae2abcad1adfdcee4e2680fe0bac47c34134d9f66e3997c7e26bcb7d3dfdd1238

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        582d5ee82ba6b10b84258a79af0b5682

        SHA1

        92221e599c273822dc732910b02d1abdea7fac75

        SHA256

        fdd6d2454d9f7499eeba928877980f5628713fa6863479b34506bc05376529a7

        SHA512

        827d7efff925a73d3a1eec2e58449969713028c202b670297a2d5b8f412ca377d24fc528360274352cf65d3debca68911520bda1c6f231c164c73d085f9dc160

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        2ac7e33c23e8eb42f0db36e516edefa7

        SHA1

        14391b28e0f2d4a23c74a5c89f5bac2ac29a3658

        SHA256

        ca4131deb891e8afd893fbbf144c4e502be788ef2a5ea843c99ce8009da75b8b

        SHA512

        7091bee8d7ea231802ca80030299736de9c08d5298263c52a5267943ada038c379b221289c2e5978aa0c7a8f6fffeabc23154e394669a71bc77f1884390e4453

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        27e388c6fed23ac6837ea79873f7e155

        SHA1

        7e6605cb88cac103d11f129afb6c0a9b626ea7bb

        SHA256

        f52aa0e5f10c57f264d66dbeffd6441ec78b5bb01a1406733959c933db0e5695

        SHA512

        307dc07a904c69680d65f8892b55e735b8993921018d33cdd2fbe8323b3e79130f6a2eb7dbb742c38c055bf1f561871947766fbff22f84da8bd99fb8931ebdaf

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        02a5a4456bf05f9c1293e2956bf6470c

        SHA1

        34434976511f9fb21801dee1d51054b94d1a7f8f

        SHA256

        a7a44116a83a1f20ab25dc1a5422578012c68d78d2971b7cfe0983faed39626f

        SHA512

        3042fa56b520a3763be1938e9229c68a87a266e8e9ed0b317e7e8669d8e47cff68174ba3bd6b8935af5e0fd1adf59f1d214187652f746948954fef0544dd5cf3

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        270f26a1211620818601988e5f32c69b

        SHA1

        52252792c4c01cb1f5cc36e28bce13a2f09b2a95

        SHA256

        f2a98f0d5df340c51c916933528413eb66a863ddfad61821b57fd8778d352666

        SHA512

        95c90f7c5a9f08f2aa7c91126319ed36a9e19f17c3a755d2925d1a0f0cfc32a3a49ebc01d1f08b91f18ad73ce3609d92310da0828feae5762e81ae18e51a8c9e

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        d317b8396b9feccfdf3d6ec17ce12f65

        SHA1

        1d7889bf63c4bf628ab4cc3682ebf1bf6ea3cba5

        SHA256

        972ac012a2ae47784e8bb470b29271964376fb593b7127de158d2bec14ce0a21

        SHA512

        cfbf8cbe6e599d15d431d40e0a43c84dbe71e3629eb64c54525d979c73646d479f430e95913ce38137180baf051e7d5abfcafaf721b319024a6621865ad48d01

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        bd2a2114041c7a7b4897c4f05283769b

        SHA1

        1e2c7a3939d015d61307edcb36875d4aaa6f205a

        SHA256

        0ddc68d69de4e882b48ae8ad81fa3a852d9a55b54b51f45e4844d3fe30aa6cd0

        SHA512

        1a433990823fae0dbac5944fa110783f0530e2c36a6b5ab597d1e8efbf7bb8b38ba6eac6708cedd2d740e1e413261804d0d7d0de359ef1d0d64bf27804621c9f

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Cab453C.tmp
        Filesize

        65KB

        MD5

        ac05d27423a85adc1622c714f2cb6184

        SHA1

        b0fe2b1abddb97837ea0195be70ab2ff14d43198

        SHA256

        c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

        SHA512

        6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Tar454F.tmp
        Filesize

        171KB

        MD5

        9c0c641c06238516f27941aa1166d427

        SHA1

        64cd549fb8cf014fcd9312aa7a5b023847b6c977

        SHA256

        4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

        SHA512

        936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        Download Submit

      • memory/1192-554-0x00000000026E0000-0x00000000026E1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1944-553-0x00000000029C0000-0x00000000029C1000-memory.dmp

        Filesize

        4KB

        Download