Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

04a50475c9...68.exe

windows7-x64

6

04a50475c9...68.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    142s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2024, 17:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04a50475c9a66bad1ce45e38ef8059c62a9af8c40dac36425a16f7f159050668.exe

  • Size

    2.9MB

  • MD5

    59396d566180e4217b2631f2a9472fc2

  • SHA1

    15dbbd4826702d9c09efb9808d8e1dd4c2a6c9a8

  • SHA256

    04a50475c9a66bad1ce45e38ef8059c62a9af8c40dac36425a16f7f159050668

  • SHA512

    49be89a7ab1c0ef97efb1f2ee9ba96cd7cd4ac8356e75c9fa0941127a55fc0a0d0da36133a93706b9d99fc2ec9f64ec60b85d27fbcd13c4966fa6f10acaa95c3

  • SSDEEP

    49152:FkFL4nSA5DryJp5v+EURYQrT4OHQauldcCg2iVLJSwEOEVyMEEVILUv/scBH9VKJ:yAJr652rhHydcCaJdjEewv/VBH9cOLji

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\04a50475c9a66bad1ce45e38ef8059c62a9af8c40dac36425a16f7f159050668.exe
    "C:\Users\Admin\AppData\Local\Temp\04a50475c9a66bad1ce45e38ef8059c62a9af8c40dac36425a16f7f159050668.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2208
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2996
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2996 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ff495bc0f066f732aa015c97d603df7

    SHA1

    01744749d62fcb09bef745a62cd478133802b2bd

    SHA256

    6807b94979c911e76d7457f0520c52a0eb9d6c6ae3d65b9a2a2a6a22a3023fa7

    SHA512

    1488a2c936886e542dbf0a6db295704e26d3b34b363dcdc831024e00f0a9e7da95beeffc33c456a19336298e3dcc7c842113d35184d6faae42bc69bc5976a890

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ce4c77abcd9ec2da0412d70ea1306d5

    SHA1

    74c4a94ef84fdda57d6523f7f66502d6060c1782

    SHA256

    bfed4e73233807a390277ab5f323e5c5f4c0d68148bbcb4ad3f137009685a023

    SHA512

    63a12543fcfead4199f4be6ced0a85dacaaeda834d3977cfa6d4de5d716c0bae0c244de4470476419d608b0a7efbd52e2877312549b025a37d5d0473b62eb130

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b551e97803eb0803aeef2547d4b90acc

    SHA1

    a81be071549e840c86ee7658acb0adf1dbcb9219

    SHA256

    acb73e44882354dab2159787fd2cc8f8ae70037601dfed0159ecd01f5d132968

    SHA512

    1669149363ab6884cfef597cfab09f77cb9db4bc8da59a0438ba110ca9304b2e66c4c25e7e2edcba480c5360e276d2c4d4501addd927eb7be98cfa1c057a6d5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8038cce31ba77ccd827cfd940a8ccc7e

    SHA1

    8bb90da73e81f55533aa3ca7faeea089cc63af10

    SHA256

    e76bdb9e63eb3fcff097f01c8055442af0ba07305f56f777f141dfb4a32894de

    SHA512

    d4e31432cd5820a8a73b506a45b4a2e4304a78bbaf5747c9988589e988383baf016ade7c065b3feea7cacd2edbd98b7ac5bbd9980ff7f1e7c32e86e867b705d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4bb13cf5ea77a3f60e3171bbf51162ae

    SHA1

    e8a2649ec0ec11425ba6008ab573978f8b82827a

    SHA256

    4eec5dfa042bcd4a5c6e2e1bdb289ee3aa01fc77d723d3b53e7c7f793e7785eb

    SHA512

    53f9e090e902a08dc956e445a9ec37864f757c659c2eb4e8076f7df715b7c7911dc6bb2c20a3713684fbb465a468a59b2985824479b35f6a5947a4ae6c2a44d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5500fec1a5aa3c51f66f9605fa0bbc76

    SHA1

    e9e73552bd9f923c8504eb4e6377c32170ec97e4

    SHA256

    2058440f973ce8602d1df0cff71a0e88eb365682db73a293e32cd136b19af23e

    SHA512

    6c2dd5cc99e2bab6e11de1fbf0ba1902b1bb65730d158d05667e9483b19fda64070b720d6013928fe9a67cb40f14d41d95f9c5e07a8e5569a1372fda15b9e770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57df515a3a928042ee5dbcbd4c99c949

    SHA1

    bc5bac97de8d3ffa427d76923ca005a79eb54eef

    SHA256

    b195b3bafcf1b438f86ee6080119d07e4efbcc515bce8dcafcb55aa3ddd6e1db

    SHA512

    6d9e979a0e68cb8305bbd4f06ee4d4a6c5d622654e3802de9ee7ee29a2f9b0e086025fdbe43a7b4d7f3ce267254742ea47ae1575d642e9bbe2acd9a1b409dd42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf71468dc4586c746e00a6d2af6a54b2

    SHA1

    eac7065381d26624354125d46543fc74fb5004ab

    SHA256

    ede1eed2fa216f4a8d02c8ef858c91eee7a9916482bd566b28855b030aa09eb1

    SHA512

    c8695bb3e6386eedbf36021cc63963e040bcc442ef9b4c3d4c03d9cdcac70a1df07a5aac6ae45d99a13285c2f06dbcc482ef43c19b778a88da850b79d7a87c41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c693ef5e7ccb0ba4fec8d3db3028f4c7

    SHA1

    6f88edde85f0f132f14b55cb37d9f990a3df7b53

    SHA256

    f92e481b16995dc03e796fde10143b922a676d1740e6e458a6a1aee0dadffe8f

    SHA512

    6f4f43df1e39a69f787ebf88153fc80f3f35e6e6bd9851a4013c767701dcf7d121acdd7458b5ae9aad206f058d78955948bf2f1af78dc0e6024cabbed85fccaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c644e0180e94e1f58dd81bca8903bd89

    SHA1

    9d91e551dcefad5122dd91f82651184cde0b9868

    SHA256

    8731b812b94ef40dba7ec55503b9ccf3892e5dbd0f37a74a3d4c417376da671b

    SHA512

    03114976a675de7fcd597a0ac0448fb7e4ae8ca974de46cdff9a178e095aeed0eed04ad0ec4a2be7ebf7d6b151d44d9742c89976f82c96a76f51fd9708d34c0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af006e1971a3e8daa99d1f4f88b38d68

    SHA1

    6c344a40d7d69df2ecfd42a9ce995a6550a942ed

    SHA256

    7ee7021bcd2673be06f9e8cbd71c2977ed4e8e63c320e8ca20d56ebe59e71e5d

    SHA512

    b3eb319471cf593feb295460801af9aa95032ba700b3c0921630c31ff7d250923cc79596e2827b584ac91eb6f74cd79a797ed4f018de7cc0d07041a9cf482c96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dde26f9544726a6286089c777b152edd

    SHA1

    e40a5b6c5936e5cf1a42dcc43466afaa947c1295

    SHA256

    ce5daa6b57e3fd3c784ba31bde62c52fa084edd08d213711183d5c0e8096e57c

    SHA512

    cef00519e033fb0f0c1eb8fb8642e51e3bd96f31da6fcedefe808cfccb81cc49a97e26693ff86042033d34acfea5efcef127f078a0d3017c43516e6d294aca4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    42967af26504613367d97efaaf9f089e

    SHA1

    e8169fc5aa347d7613c28040ae1374b23124f28b

    SHA256

    6f1cedd4de722e83c0357931fb52cbef2625d521b34643c5026d4af9b2149494

    SHA512

    66986b2b99e9b514e85331605fb981ba8fafe012078fea7ac517cb074b5c7f70f31bcd7bd6ad2e041aee9bd9e5d44b3a318e634faeaa8261a1b20bb5e994dab8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19a421912a0908a81f4c5a88b4a93944

    SHA1

    66dc0e97104dd8dae89de98e97ddb1b4bb10936b

    SHA256

    d54ee9019fbf70ea2ea83489badf4786b94cfe9962f472af9126ef5e71762a30

    SHA512

    7e1b742915802160eb9c3cabeae2a878313809bcf21e57fc925b4563fb5e6a5ca2aad8c67a3148b6ceec4a002296ca1b2a8b7706b8ccea885c1e7a6f6998d6dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3febe4bc864e3f41ca6f4b8ac412769d

    SHA1

    4b94bc388fa8fc254ec0ceef34eb6454d67370d8

    SHA256

    19ad5a6887fe936fdf209f38f0b0c90555afd9540e40231bf5603961c611dc7e

    SHA512

    53c635b54f0a5475a8122fc3c5c4035ef1cf356fef5868c74a6c9838709ae630ef1f1bc7818ed0fb6b08f0a1385501accfe77a6bbf019b82ddb5d34e67bf1789

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6734.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/2208-0-0x0000000003AB0000-0x0000000003AB2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2208-417-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download