Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

csgo_hacks_free.html

windows10-1703-x64

4

csgo_hacks_free.html

windows10-2004-x64

1

Analysis

  • max time kernel
    1s
  • max time network
    30s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
  • submitted
    10/03/2024, 12:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    csgo_hacks_free.html

  • Size

    110KB

  • MD5

    de59c60b8e6f18f14defd704cd2efe7c

  • SHA1

    1bd4dce46cdb844bc2d9ef278f29380f77b8f70d

  • SHA256

    2365cbbd734a3fc735e490bd522ceff57a5b28fe96a9315c1710d065550a824a

  • SHA512

    6afc30c8e7aecc5893731ecd485fcf6a2cb30e2f5fbec0160b8a17f7f6aea8ff80cd97f24ee58dd4453a87c4849cce8075a9e8e8e42478bedce399d1e994ee9d

  • SSDEEP

    768:CL0dWLuLMRG0dhNLRGqr4Xnd9nXcOsOTYOOasV0WOyc9OO4PEdoOhKBsOfCQ2FPs:wRG0dhNQf1x1g1hEIxmW7QTBU

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "C:\Users\Admin\AppData\Local\Temp\csgo_hacks_free.html"
    1⤵
      PID:3332
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:1636
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:1308
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:5100
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      PID:5064
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
        PID:4116
      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
        1⤵
          PID:4528

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\WHZCYX9L\f[1].txt
          Filesize

          174KB

          MD5

          3d318f6e547eb42b8da9ddb6ff4e134d

          SHA1

          2322c4658bd46deea7fadd1d6547bc4c360b7f6c

          SHA256

          b0e7819d5942c90459ada403a5635bb1babffb06a3c4627a3cd88759a8d9cf6d

          SHA512

          de1a25c0ca0ce9a758592c72bb94e6bc8e1b1faf653c761a3e5e205d6ef8f8b603db28371f548c7486f9548031a0c578bcccec9b6c4448c84d9aa7452db076af

          Download Submit

        • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
          Filesize

          4KB

          MD5

          1bfe591a4fe3d91b03cdf26eaacd8f89

          SHA1

          719c37c320f518ac168c86723724891950911cea

          SHA256

          9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

          SHA512

          02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

          Download Submit

        • memory/1636-16-0x0000026162500000-0x0000026162510000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1636-35-0x00000261613B0000-0x00000261613B2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1636-0-0x0000026162120000-0x0000026162130000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-329-0x000001E702470000-0x000001E702570000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4116-340-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-69-0x000001EF7DBF0000-0x000001EF7DBF2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4116-65-0x000001EF7DB10000-0x000001EF7DB12000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4116-63-0x000001EF7D9F0000-0x000001EF7D9F2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4116-61-0x000001EF7D9D0000-0x000001EF7D9D2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4116-106-0x000001EF7E900000-0x000001EF7EA00000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4116-192-0x000001EF7F400000-0x000001EF7F500000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4116-195-0x000001EF7F400000-0x000001EF7F500000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4116-197-0x000001E700000000-0x000001E700100000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4116-323-0x000001E700A20000-0x000001E700A40000-memory.dmp

          Filesize

          128KB

          Download

        • memory/4116-324-0x000001E700C00000-0x000001E700C20000-memory.dmp

          Filesize

          128KB

          Download

        • memory/4116-325-0x000001E700F90000-0x000001E700FB0000-memory.dmp

          Filesize

          128KB

          Download

        • memory/4116-59-0x000001EF6C5E0000-0x000001EF6C5E2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4116-326-0x000001E702370000-0x000001E702470000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4116-67-0x000001EF7DBD0000-0x000001EF7DBD2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4116-341-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-346-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-345-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-347-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-351-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-350-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-349-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-354-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-353-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-352-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-339-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-338-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-337-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-336-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4116-335-0x000001EF6C2F0000-0x000001EF6C300000-memory.dmp

          Filesize

          64KB

          Download