Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

8f701b4554...b3.exe

windows7-x64

1

8f701b4554...b3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 14:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8f701b4554e85d5447200c2aa0887bb3.exe

  • Size

    36KB

  • MD5

    8f701b4554e85d5447200c2aa0887bb3

  • SHA1

    408ec76fc7c86611253245edbf8f08526288b89e

  • SHA256

    675ab96babb07738cd4e129ffd2b4df45f37bd0ccbabe2be450939968a2b9792

  • SHA512

    a7c8a6159d39c4fe4346d44a2265ab2551a4362c9732bf4a9e5a8e6128340748676f438acd28ac870aa5beeb173dcd1e91166e2377ef20f9365c3f979fd09891

  • SSDEEP

    384:fw9Hjv2GKD31KDZsViGup/hb4AVEyAV7KxFKFT1pD9S/JKDZ8KD32PDW:fEDvkMs7oZeyApKqFT1Js/QbeD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8f701b4554e85d5447200c2aa0887bb3.exe
    "C:\Users\Admin\AppData\Local\Temp\8f701b4554e85d5447200c2aa0887bb3.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Windows\SysWOW64\explorer.exe
      explorer.exe http://200.221.3.168/h/toon/pian_086.swf
      2⤵
        PID:2360
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2316
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://200.221.3.168/h/toon/pian_086.swf
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2700
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2676

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      7800dd8decfa6a647ff53d416e40cb0d

      SHA1

      f4bd035e26ff774fd7b85b2c882ea7b911fa74ba

      SHA256

      c20b192d04e043848bc3deab32f0ba77e400ea72c02205bb1552d033bddbb105

      SHA512

      87f8e622fd1f6e9c2b1e762ae65d11e6412699b9a928212143f626fe431d2905ff45d3bcc0f7f1c0ecee1fcd54a74272a36ebe6ceb1d7ae87e1e20926842af25

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      538af68c773fd1ff391fa71371b038c3

      SHA1

      692326f9536ab14a5f38f9bdb03d87448fc0a6f0

      SHA256

      fc072b4fbfae192e2ae9959f037a56493cd058bc434e6d81a3a05b1c589f5dea

      SHA512

      8bbeb363b5959efa5bbd0894f9708682822a6e3f36ab6122c4c76f194ddbc99c320313edd9e9ff803a261113e31aaf4cdf50d15943d61a34b5724dea01fa204c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5535d222d348469d08d8e7d0e1f92d70

      SHA1

      10e0589e322477369ed1339bf02fe9b38e1951fa

      SHA256

      2bf901574b6e50862c4563ba8e8b84c6f5d0ece40c4cdc3fdbf37d01424fb6e1

      SHA512

      7b91836b3413e33780d606e52c36cc5cd0d0fbc6ca55e7aca282ac5b54e5f6e31f639a2ea57131c75126ce8b1731c28591d60312a3c0816a2def69d8d9678985

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      bce70b65119a85a62d6d0639ac1d36b2

      SHA1

      83f9672d7be3b6b2fe42ce49485e1200196496f1

      SHA256

      b7b61e89b6c868c3d4e58f24eefcf52d6ea0e6aeecbcdcae18428b576e047ea9

      SHA512

      b8fa31108b5106be466d0e2078e448065f7dbe9d9ef4822197ce518ab9c2ec39c2dfccd78af8f51d1fa35cf8b3b3e66a3a34c6c1dd75a6f592c87af71607543e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      81e35800a2003cdb8f871136664649f8

      SHA1

      8009b5a8cb0bfffff46189751238fddd7e5073a2

      SHA256

      4d81873e49ddbea585bfac6e702eb711a7f597dc8a8f0a6a8041387c28e5461a

      SHA512

      96dfe0f9ceb59f7691f4712db6ce7fe7beea595e6edb4bf87246963843e34926e9bbabc4cd06bbc3d1cb3508a0b817c61f7d66c1186ddec744dde45b255d18b6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5f18474709dc76ec9a8d48019c289df7

      SHA1

      feca00c743d70bf3080d64256f0453ffdcf9b9cd

      SHA256

      051b7b5928103c367a8d65e6b2d886d69d457d1c4b9d0b4e9d900de8218ebe8e

      SHA512

      f9f22b743eba4acb79dcce92be77f2ed467c6b29a13324c984c60530bfeafcd1c7eec6c2e4f50417c36d87442b5c86901e5a194ec5108fd3d5b245dd0a5cdbc5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3cb76058a748cd8eb945076f237eb435

      SHA1

      38e8329c745fed35cb7d04b24a5b336113424cdf

      SHA256

      534fef86ce0e79deec9777ac333a852e5ab6ca54e72bf486e6f69859cf8e8e4b

      SHA512

      cda3bd8b5fc571da89fef97caa3b755d913ac67c60022da9c46f355296b421a01aeea831bb9d77aac0d78bdc73a645496686346e08a3b1edc32ddb10e114fffe

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      7a48fb215678603d8d35a0ead7abe09a

      SHA1

      1deb3952cca45605cf849caf29f15160aea25dbc

      SHA256

      aac5f5c6175b4696ec1b2a67b72dc84f4fe66589ac6930732711e6efb35f5c86

      SHA512

      6c9761031dd0b6d2fd25cb42c08e036140932d7c55855799e64ced0cfd93b9bdf50b20408c820be5df9b5f5996362f17f5f2451073e6ef41ea95d431e0217576

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c019d475ad404b1a5c9b4ff42d91300e

      SHA1

      f00ad863fa598780720b5952fdb7e979d1c67c66

      SHA256

      9b996ef290b5ddd6669190244142cd1eb9300fad0e914eb4bd5e4187ee5d7389

      SHA512

      fb46fa1690653fcc1e692a7c9ff21f915bf2d7c03334d02808b449fa558c3eb84216cd8759f8ca922db2101fa0fda68f7cd8209885c55df737ab3ef7217b3dec

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      d4df0918b7505cb137bd651e2c01ebc1

      SHA1

      1aaaab36afedc76192b362e9d68d63af30a06840

      SHA256

      b0359257b7c85a68d31daaef06f354e754336c4834d26501aad4bfc34c10b905

      SHA512

      cee095b7ebfa2ab89a92c7240333c1bad6f68f698d8bc62ee01ddfd0d0cdeb3a8f29f959ff99c8575aea4ace780b57da42af86b060efcd4fcaca6e0f999b9172

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4d4040b044c4bb7e4a2db4550d67f67b

      SHA1

      0385f1c57b849b2f14c8ee0675e9ab9d2886522d

      SHA256

      352caf70335d0cc0c49c43bc89436b21679ed037d005cf4bfb990627ef79da6e

      SHA512

      a1755e4c0a4be36656bac2df464a9a0b3c8ec1c6d7d8dc3cb4ae5216ac7742d55be6f6c6aab7a358b9a7a8a82f78fe534c7d2fc4a85164c2972e1586c1dab81a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8496dcb7addf6465c61d1d2b79318d1e

      SHA1

      daf6410918d09787bfa5c72fbe197771ce222523

      SHA256

      327b951f200e1d76e9e6c0d441300b8348e31f74f2d31fb7532bcda8372e5363

      SHA512

      e2400fb0fe5c2788045d03735324a9830b7f83278f791e2f32569dbced822d33d6f0f2d0ac8a88dc69c04d67f287e3c5f444d55f0467fa5ec4baf9574d0d8888

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabCF72.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarD011.tmp
      Filesize

      171KB

      MD5

      9c0c641c06238516f27941aa1166d427

      SHA1

      64cd549fb8cf014fcd9312aa7a5b023847b6c977

      SHA256

      4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

      SHA512

      936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

      Download Submit