Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

b6bdbf03fa...d.html

windows7-x64

1

b6bdbf03fa...d.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06/03/2024, 06:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b6bdbf03faecb584e8a21edaf357470d.html

  • Size

    36KB

  • MD5

    b6bdbf03faecb584e8a21edaf357470d

  • SHA1

    c842fe864e21fc02bc43b85cf8de6d7b4aa56515

  • SHA256

    e03a982371c5a7a35b55a4a4f2a41ec3a77a749e53c96eae5c1da03a460e3b5c

  • SHA512

    6001fe4a76e5ab4d60d078e0b6ad9733d9a0874f465ad3a5352250362fd2b4d5ee937d1577e3a3780c2559163aae340bf8ee2979efb95eed01d84c7589fcada7

  • SSDEEP

    768:gJFlAzRLFySGT6AJG4Yq5/hiJltdN9MOePS1PGMmhdLj1Oixr/B+EgKFtNoO3CN2:QlAzRLFPGTJJG4Yq5Ziz5ze61DmhdL4M

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b6bdbf03faecb584e8a21edaf357470d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14fab790b841036a6697579c77f9d07a

    SHA1

    3044ccf16c078c3ac1815d9b6ffc9d74e853bf7f

    SHA256

    d5dfcbc76d0ed198088841463625b54913f1c812720055bb43ae659257140a7d

    SHA512

    3a6f00e352a6112f6c0a3ac1dac20926e68cdd9516d9d83355fdb5361a90d3c4c02d641ac39c21ce259b339871513632908ae638a4fe0e48c3f00ae551483018

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    afe0119c1fcbb085e4faa8b25590ec31

    SHA1

    69ef43c6cf8c1df316085d901ce97f0d36875bcf

    SHA256

    c9b3ac90fbff337ace2dc17098d7d79ad706bacfbc4f5dad232a7bbbb8c541bd

    SHA512

    fb227d910da58e8bad88597c167e3782a54823ae865efa550dcd30607f31703fae6a1d27f9fb31aab7a9f901106a82269e9b890a4ab71d160e89af6277890a81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4925dd6e790ea4fd0bd9e8b350c2dd1

    SHA1

    28aae0328f4a1dea366bddb90744aa4ef2d12023

    SHA256

    705e1f05a9906c0609f89edfdb59727d97428d319b052cd30a737f303070cd8f

    SHA512

    6250ac617a11994be94b26154c5a473ec023da86d94d3268b1c7138b820c17f7a6ae31180c8686a170fafb27055f34f6a24cee847696e057f4004ec8e5d7f1c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73b416fb5d0831638a1981abb63c960f

    SHA1

    e4b9ae7d7e691f7e4f2284854ad3f4125c6d3f40

    SHA256

    19fa59122b4d4e1b7b4b5bbea81f6253e5c13fe411324aeded733a29f9af1983

    SHA512

    f35343d78fd4d5e384135e482c6ecba1431b4d51db852b7f01d4ca84107b494f69e32b9b7f8fd8f9f3a66df27efc74fa4f68d46eb9c1f2e4794419543c9e2f0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b81d26a589f071a6494f65319dbdd25

    SHA1

    5eef02ecec5d0f2751dfc0a62c338d54dc0ffbb3

    SHA256

    0c2e6ff89786a9101492bf18932f20137f0253679615df4e48f62e3f474ba95d

    SHA512

    4c081bfeb93527afd09bfd8083ee81357127ebeffcef57b6f91476e3a481e6ca6313e4f3190470321cbfe8dcc0b09ad1948881f57abc6b6fbc36d280d629e13d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7cc8bd0fceaedfbba40b8235ee76721

    SHA1

    59242488a85640c12c91370edd1ed50f60a526dd

    SHA256

    a297319830db4e75a2359d77743283744bbce420c8a97a9517f6b0a4a0d047b1

    SHA512

    5fe0534a22345c43c227c26535907d7225b99bd59dadb1f5f5bcd815fe0f6efb0d140f9ff47d4dfdd8dc7dd70d7a59866b0e21752b3c3b32ef81c5aef247a936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16c848169084a7c1e57f99511945dd2b

    SHA1

    b3208a0782c6d1d24a4a1dcbdbdf0256702e0b08

    SHA256

    9f4b64abed323a694ffeebdb88fd5d97298e6b0f482fb889883a8b414b3cef6f

    SHA512

    10341cdbb5e927a49b64e08f0b0f975f7f770eeeeb3fcb3c023604009182bc502e11f3a8c200d2e1e2013a2d7e541c45c55a0bd6eb579cc8a2bb42f827996fa5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab71D9.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar74FB.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit