Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

c542ceb970...3c.exe

windows7-x64

1

c542ceb970...3c.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13/03/2024, 06:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c542ceb970b8e67961b1401e0cdff53c.exe

  • Size

    1.3MB

  • MD5

    c542ceb970b8e67961b1401e0cdff53c

  • SHA1

    255f13162167743821ee69d32c27d721da4e1dd0

  • SHA256

    099084081d7a77c94e4acd4b37a020e36a931e6e5ce894683fc1065c1c5acc4f

  • SHA512

    654d1cda39e9bd0786173ae28c17a5ec17a911ebc3358b66075406138648aaffe87220da4d9e88750014a8e1bdbc75a43f3e7766c6e355327ccae80955b8ebf6

  • SSDEEP

    24576:MejDKKiDkY2+AhEcy1BirYZqXMrDjUm84QeP3Cqkkkkkkkz:MeUDeyLZqcn3CR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c542ceb970b8e67961b1401e0cdff53c.exe
    "C:\Users\Admin\AppData\Local\Temp\c542ceb970b8e67961b1401e0cdff53c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://gameszu.net/redir248.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2196
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb98e7bcb8ebe61b3679bb93cbed7434

    SHA1

    a73f9e532789b26a24409908ab3f1efab4d52cec

    SHA256

    a6015894812e4548f94520f2bcb4a658ef71053fb67234749a4b57a7c35f5e39

    SHA512

    0d543c989ab1d53878a8727596fd7d5d88033b3ded366104f33d9bba565741ae7f97fed2088a6b0ef1a3045e91d8ab91e5b98bd3d38cbe557f20d236593b1e97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34a45699de361c6750d13af323d8da2e

    SHA1

    810e25a9694383ec786f208876e62e2cde9d7fb8

    SHA256

    8b7d7ed11fbeb1e7fc43a0f15bb6b1ee5841a4fd675122e390933b1f8473b599

    SHA512

    a27d4239ed568ee72cd1005696444ff76b66837f0fb9435e8ff662f03f9d6011dcd73826164720076a203e695aaaa4e0ee39ce48b62448b95a514136f9eba508

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c513df404cc581b235ee637b1f36193b

    SHA1

    1c4f21c544b5e8333790a960ea284b128086cfa5

    SHA256

    40538fb9b8959c51f05a2408e2e28f4564f6ecf0a026e5125bee7206b1172e60

    SHA512

    6c300fb0233d021d12d38c35728433cf5d93b402206723e42d8b6b2bbde02c2356a914d890981f4cdaf189728192475dbad69739042ff71557bc3af7f29aee08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a4d9a68bc23abf8d9e2c33f3a506215

    SHA1

    0ea6ef70032b5dba5603df8b530cd79791e6f914

    SHA256

    cc9934bd79b577e89f9caca9f546afe46816821048499114d73d1ecd6babc1dc

    SHA512

    02c4b43cc16a5ca3ba1ad87088559761bdf83128a35533f34f08d472f25ad37c5dd93b16544b81b8b4b33b6547afe6997f7da8a4fafcdbf295c5d808011ad4ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec801893e475d72fc1ef862fed95d30e

    SHA1

    cbafbb1e9c9e418317f1567cc46fc61f0bfc7011

    SHA256

    2937ede3efbdb607ea1e6d994e0327bff31bc5c01bf4d3705eb9f247b420c997

    SHA512

    333c4d2403254d197af01fde50fe63f3b830252351766f923326a2bb628c9feb7e282e007444d0e33d21e9d67ad1a7e1df060bb64f27dbd9f1b2511fca4dcd48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31b1470aabcc9884dc76a89770430a5b

    SHA1

    48ecab65d78a4f1f01b4bd6e3f0a56fe873641e8

    SHA256

    3bc43a4179b357cd43ad534a12722f5b1670db299b314c1cce786fc342454e3c

    SHA512

    1b59c65a283b03a5e8ce2d6081cdd3587e3296f4695c173074e8772fe3fe8bde0f3a551c7990cff446276fbc065b0429c7ef3fd21fb7b9b42cc484be03f48ea7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bce684847bb267dd043011465d8ab87f

    SHA1

    0ced0368754b84048aa36a41bacecb8eaf8aab8c

    SHA256

    0d5f626baabaee6f9653281c911996a2b33b55bcca44caf3cfa0cd503aeb183e

    SHA512

    f4ff77b8cc0f14ac90c53716c75f02937dce09843f17a056f2588cb20405e56e376c13d99bd3c57552f24fb54ede95d309e59d5e49643582fcd8189cf26ba7e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e6df473ffad079074cbca8db04c56cc

    SHA1

    bb919c6cd152eae6bd363fe5b8d7d9ded798f305

    SHA256

    f31c40100eb4fef367d2bf0c01cbb1b6fa955470492a493700b4a4866db4dba0

    SHA512

    897ee2d8ad3cdb353e9ac898d75cfdf9536ca640c44b8c0c519b1b050a2d3b686acea144d85e731dcd2e269111be2b203ab550af24474f73a2fa731a32f969eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e60974071d83e2379bc25a4aa80b3a0

    SHA1

    fe5bf838618ced9a706e63f3018a57073a9582b4

    SHA256

    9f26b500a6a476a9efc2d24cf452b717cf0f702ef08ac96ef99b5fa1b7cd9a11

    SHA512

    564fed3e0115e5389fc2d2ae3370ffd8355f22a026abf90f6cdebb5a602dc81af7c3dcc625c3e21ec5af7dc90e0b66e3366768444cf85dd3403083ca28a76fd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4eec359331cc498c76636d0a5a621edc

    SHA1

    6741b9161d922e727a36a1f127de13631dc883c7

    SHA256

    8d9dd9f6ef9f12cfa2ed33955a14b87ebdf505e93679e5ebe97e8712dc35481d

    SHA512

    f061285da15971a281087061eb9b4ba0d9bbabe8295e946698476c85735da8d890306e66f9771b8ce7739c4062364221dfad67dd917199fbbee748162449f419

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a19bd7df23bcceb8c8acea045093fa3

    SHA1

    950ff59e01c4eab09840834a5beb6f6b633d1498

    SHA256

    ac2e7ca28a3d36a25efb5cafb80a4eb574b98f42e3d93a1c6545a957afbc1bf4

    SHA512

    a8915a2ca651dc958ddb03134209c9a6f27fc5ca1090bb0520ccf7d25176a021690fd7d49d504d07975b8f0132efeb2983e6951c74723fe3df7907c3b5b70d6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a54ea38e0f9e5624321e246ca9dfbb3b

    SHA1

    d3e1ddff3364bcb8267b2777e4ec9479bf11e018

    SHA256

    beb3f917f336abec556b62470dbe290d2ce226ffd5b8ebe7a480a95480a74b2b

    SHA512

    3c43b6101c23baeaafd3e78ffc39a9cd2ca93f5422e9d2e9c8b8cf54a3b037674d9f55a890881f163eb7f522795c636e68d08d35a13581364a3d825a1bd103bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9030c6ad2752a49de35ecceedc66ffdc

    SHA1

    5b24cc0d961f261ceb4a358a1a4e7b7b388e7a5a

    SHA256

    7789154ff63cf519e626926a254ab6cbb384c51f8f6eb996a82e6f70c50a682e

    SHA512

    645a7fef6144605b6eefc8c4c35859fd90d359c8cf7994047d079d0597f371f73729533855bc19b262b5cfb95fa05e40de3ceb3f7c84d5e7a1506dcfba2a7e50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c148e590730fee25ce77333df1a71fa

    SHA1

    9940fd8609f2643cb96a4646fd246af618d0b3af

    SHA256

    0b391fe158e4a1c9485f62ece92cd67ffa73edfd62f7c2d8a0f880e5cc1f6e57

    SHA512

    6cbdc163d242a7dda00194a41d7d09319b479641a6d977247776d47252673f7655abcd626c9fae2883d2e89c055cc236d9b3f87a64d4b56f99481816cfbe2173

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f78f79947460a81d23421aa5b537f3ca

    SHA1

    10ca1b50210815e388c3e57943fed2498b2d11a6

    SHA256

    bf980adb07193a9550481c36e68694b23050ba92209b381258fbf199d06d803c

    SHA512

    12234224824fcc857f58eb42aee9609baf3e0bbd8a64dbf14cad339a75911df0ffd6d05dfa506b9f5fcf33b1ec4d37d010c00b6fd68f38f2fab2da90e11d5c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3906454127b60ae0842cda6025301d03

    SHA1

    4e2edbe43f638bd9d42e68d042429eaeae0a64f1

    SHA256

    ec07629b967b0f78971c1d6b7491894a888b2945553577c67388865dc096bcfc

    SHA512

    be8107be99a1a65d3ac922cf760956dcc62d9b4ff595ac6d4083d0d63bd2ac3c343aa55fcd2d0152726fa6ebfe46e15d91cfbb074da7b015b549429c98ff5da3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ff48a46d11331df40cb3b3f2d5eb9ac

    SHA1

    b27b0475f8dfc365aeb5d8a2b35c9112b2af58e7

    SHA256

    a6dcc3d0d28fb1be410b4bc0ccfbf928a86f4b2fd38275532a8844840a1f39fc

    SHA512

    ca1600a14bbaf75378e68d05d03709d2847eb67fee293b745f2f1dc1306a0e078140233b6090dcab2e5c620260b9697b0c0ac32ffdc4a1f6c133f17fdb859e6d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E79.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4016.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit