Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

UploadFile...14.doc

windows7-x64

4

UploadFile...14.doc

windows10-2004-x64

1

UploadFile...41.doc

windows7-x64

4

UploadFile...41.doc

windows10-2004-x64

1

UploadFile...42.doc

windows7-x64

4

UploadFile...42.doc

windows10-2004-x64

1

areweb/Adv...ol.vbs

windows7-x64

1

areweb/Adv...ol.vbs

windows10-2004-x64

1

areweb/Adv...dt.vbs

windows7-x64

1

areweb/Adv...dt.vbs

windows10-2004-x64

1

areweb/Art...Box.js

windows7-x64

1

areweb/Art...Box.js

windows10-2004-x64

1

areweb/Art...ple.js

windows7-x64

1

areweb/Art...ple.js

windows10-2004-x64

1

areweb/Art...ut.htm

windows7-x64

1

areweb/Art...ut.htm

windows10-2004-x64

1

areweb/Art...log.js

windows7-x64

1

areweb/Art...log.js

windows10-2004-x64

1

areweb/Art...lp.htm

windows7-x64

1

areweb/Art...lp.htm

windows10-2004-x64

1

areweb/Art...in.htm

windows7-x64

1

areweb/Art...in.htm

windows10-2004-x64

1

areweb/Art...op.htm

windows7-x64

1

areweb/Art...op.htm

windows10-2004-x64

1

areweb/Art...de.vbs

windows7-x64

1

areweb/Art...de.vbs

windows10-2004-x64

1

areweb/Art...tor.js

windows7-x64

1

areweb/Art...tor.js

windows10-2004-x64

1

areweb/Art...up.asp

windows7-x64

3

areweb/Art...up.asp

windows10-2004-x64

3

areweb/Art...ig.vbs

windows7-x64

1

areweb/Art...ig.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/03/2024, 13:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    areweb/ArtHtmlBox/Dialog/help/main.htm

  • Size

    14KB

  • MD5

    9e76fe63408fc01663dae3a1b1db9403

  • SHA1

    02062632347c5aebedef69c0621b81792595e656

  • SHA256

    85ac5a68cc8da25ad4f89f466b00a3576a2affc74ea3a18a9859a689dca6fdf4

  • SHA512

    ff87482a719b60bd62a42ff50e4121d7349e6d6333ddd29d36766930252faf5f7b273ef1cba2ce747970ef2676f7c4c566ded6e8c501547214a3b8f653c9d222

  • SSDEEP

    384:79MkJya54Wt+LN7rcBH+i1UxtVnQIDpyybF+wWXZTvV1/LEWoJoItpvAMVucdNc6:79MiX5ztKRGgcMPY4K5/3I

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\areweb\ArtHtmlBox\Dialog\help\main.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    424e6e80bee486900a72e53b73baa838

    SHA1

    033ab3002bca6223bc3005d6d83525a25ff48113

    SHA256

    dd44302827afb1508a7518195cf2d8ae6a116813a99d5bd4ad7dc799ff5d4326

    SHA512

    1f916b570781e427ea978a5fd64306d449f494d86425fd1a63e9f7d4b94580aee41609bcb2f43b8c4225c78ecf9b60c37d5d8cd5715fe47cc20dc2b960203881

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1759efec193278da103bdbc6ea5763bf

    SHA1

    ff91845c884f2b6b868425cae68871c7f26291ba

    SHA256

    ca6822a790c9ddffd8f4365e48dc8fcaf42affb8edb523145ac5620e8c803551

    SHA512

    bd988d41e39808e228a3d446ac843511a7ad268dd6acf7a49dae06262e7210814fe5c8fb0ee564c478129de35e4ff3b75fe0fd3279b2ce7f164a43059593ea0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f6fabfb1658383885cb7e612062f426

    SHA1

    804c1abe4712f9b8f4a04c9ebfe058021a7ebf7b

    SHA256

    b0e2bb57d4bf4e58e11d1bd6a159041927d33b67a0d4e3529ed23bc5b0f8de4e

    SHA512

    ec821c92e7780263e5f753631b69425d0c10c07544be9b66aa3554be1fb45924b259af4f5567a5432d2d229b554fc294095f32793fe3e9a98ab46054bf6c0f6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7377fe23627294c577885ad295a6e6e5

    SHA1

    4c80131b17ffc11ac191fc6178ac8414e7b70385

    SHA256

    3ca8023a1a509ae9832db47e9898c027b23f19ec88d82cb0749c4bf7c95e7c70

    SHA512

    d525ff590eab736c44bb048ac087fa16d516f57307b4ad5b0562f825c77a23e61ae28ee38fad30522ad3e562aa6f2ec35d83924b9e85de0ec0abaf626d2363af

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab896E.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8BC6.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit