Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

executable.2772.exe

windows7-x64

1

Resubmissions

28/02/2024, 12:27

240228-pmwrdabe3s 3

28/02/2024, 12:19

240228-phfjlabc89 3

28/02/2024, 12:18

240228-pgpqwabc78 3

28/02/2024, 12:15

240228-pfbsmabc7s 3

28/02/2024, 12:14

240228-pepcbsbc42 3

Analysis

  • max time kernel
    27s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/02/2024, 12:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    executable.2772.exe

  • Size

    5KB

  • MD5

    05a065421caa9215958deca72a5b15f3

  • SHA1

    e7be3fd7f0e5f71ec6e55b014cd79c1e93cb2fd8

  • SHA256

    13170ec31cf0920ad871b0d0603b6f575f847e523ac977e5177adaf62d569853

  • SHA512

    d46813f0c4c626674c8cd69bc934ffead1139518d715f664a971d4cece87f7971bacbbcaabc1d74e406e3d1a278fa0e9f8713ace4b0071d034c9a091a8e6a2ab

  • SSDEEP

    96:S0FKCiwCRG4jynYJfcUdBOEH9LmdhPoJ4IF54:r1SRG4jynKx5yfPoJ4IFi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\executable.2772.exe
    "C:\Users\Admin\AppData\Local\Temp\executable.2772.exe"
    1⤵
      PID:1244
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe"
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1656
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2500

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      40b5449314d939e59f825d283fab4cd5

      SHA1

      25016b47d0dfb45dad616c58f69694e3cce3d639

      SHA256

      66d9a2f69ff6edc534266ba04bb928f2465a55181dee31a03a9bd5bf4a186e96

      SHA512

      7d04ad6ef1390cc0901d8f08a8e7283607fd139690625a4fc2b2ad098d049a58edc63472e58ab02a4e02e5307aa25fa9fdea6fa2c40e5b37c62815ff34d0a06b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4e914adc98c10288ffc2494aac512ae8

      SHA1

      c7fd1898730911d118ac1503ee7a1e04b503ce97

      SHA256

      f899056fb56f40c62d10a174ebd3e31442354e2b0a6db43e3375ad188d153bb6

      SHA512

      c82bde4deac1c41803189387bcda6d56e3134dac259298cff1a46df6c4554e1cab3159e4b2846b6942bdaf3309c02909c567b0e3da3c22be2a408cd1ceaaa991

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4ad82b5a3f0df0419212b21b5687c305

      SHA1

      ee9128948f6848ea9daef3a26a699645fa8941ce

      SHA256

      a9d1c167cf0ec73d6efac432c9506e0c9305f0e731648036b69b36073d546230

      SHA512

      7fdddf3e23871641d701210760e0f944e8379ed5bd73ea37cf5e3b267fc7ebfc48a7063f4d568ad2f29fce1e5bafeca4163ff3acbc0edacdf1175c5f3b9af7a3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9b85f2a5892410d721dff28cb5338388

      SHA1

      636a5bd5c179e2380e7db418372a7e606a1ceeb6

      SHA256

      58821ff61a092dbed4adc1e3e0b2b1e36d5cbb0b75e88ff369a071a93cd5ede5

      SHA512

      a4428f1eab07ca5f2aa18f2d363f1767daa2e3fe62b9aab92805a86031e33c060751c66f99a3ec20deca6b096c35b05427718d1b3c5ce453a51aa7a5c2709474

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      1890701e93ba9086f9f44ba868749319

      SHA1

      cafdd1be225f47dfdd432ffbd6a31e1661b8ce3a

      SHA256

      396fba283c2838d52333b7bd77e904be8b55117c592cd1cff23ae64b27c94e64

      SHA512

      379df55fffc54aac7b5187cbbd91ba6c6cf781fa34d7f16dfcea9d0a7a60ddb28121920bed4aa922b6cb9321c7362bfdcc7c39da2903c8162d7c7bca57d21cb8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      527dc5550134e18d3d90650748f3a242

      SHA1

      7afd5be860cd38019a64f48597b71d57d010cff9

      SHA256

      2e53a16c0d9d76210f391f8aff2487b944a6003d230c59c31ac96ee9b4bd5d52

      SHA512

      1e8fe87d22d9035e555efeeede2e7c244f956094250488a5ead087e5b264e1df6c24e95ec69b4cc9c16891894d4936990439d85426b264d929a99d933ad13615

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      13fd46cb30d31d49f1df72eddfc1cf67

      SHA1

      f7baa42516eacbaa7126409870b2b8690fb8607c

      SHA256

      76bd6b082eebd85bfe60fea1aa15012de04a3c073289dbbe64c243e7cdcea194

      SHA512

      9231e951691c85c86a621a66f910e8a0a27586b98740face3d18a74e6be8f65becdab849db241c9c867c8871b511d380696ffd6d99a027a8967c07780f931b37

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      89653a495cdee37f8c20d9eef538aa3d

      SHA1

      a842c84406bc941b1a0d1e6ae406db67f44e97f9

      SHA256

      da10bec6c29c1caa44fead01b82fcdb3210f7e21be1d580d8265b8115d01dbb8

      SHA512

      d3d8ee3b9e34374b90701486d8fc0618c5ae2caf4379aba8481f52a5f702c3a4806e62ddbe888ddff38c24dffffc286954fe6469afe1e9496d664a0a1c4da69b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabA382.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabA4CC.tmp
      Filesize

      67KB

      MD5

      753df6889fd7410a2e9fe333da83a429

      SHA1

      3c425f16e8267186061dd48ac1c77c122962456e

      SHA256

      b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

      SHA512

      9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarA500.tmp
      Filesize

      175KB

      MD5

      dd73cead4b93366cf3465c8cd32e2796

      SHA1

      74546226dfe9ceb8184651e920d1dbfb432b314e

      SHA256

      a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

      SHA512

      ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

      Download Submit

    • memory/1244-0-0x0000000000400000-0x0000000000406000-memory.dmp

      Filesize

      24KB

      Download