Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

Connections/wxbbs.vbs

windows7-x64

1

Connections/wxbbs.vbs

windows10-2004-x64

1

admin.asp

windows7-x64

3

admin.asp

windows10-2004-x64

3

askly.asp

windows7-x64

3

askly.asp

windows10-2004-x64

3

checkcode.vbs

windows7-x64

1

checkcode.vbs

windows10-2004-x64

1

default.asp

windows7-x64

3

default.asp

windows10-2004-x64

3

delly.asp

windows7-x64

3

delly.asp

windows10-2004-x64

3

face.htm

windows7-x64

1

face.htm

windows10-2004-x64

1

images/krId.js

windows7-x64

1

images/krId.js

windows10-2004-x64

1

lybook.asp

windows7-x64

3

lybook.asp

windows10-2004-x64

3

pass.asp

windows7-x64

3

pass.asp

windows10-2004-x64

3

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Connections/wxbbs.vbs

windows7-x64

1

Connections/wxbbs.vbs

windows10-2004-x64

1

admin.asp

windows7-x64

3

admin.asp

windows10-2004-x64

3

askly.asp

windows7-x64

3

askly.asp

windows10-2004-x64

3

checkcode.vbs

windows7-x64

1

checkcode.vbs

windows10-2004-x64

1

default.asp

windows7-x64

3

default.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 12:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    face.htm

  • Size

    4KB

  • MD5

    0bf45c04650a4a77bf67f70f3ecb726a

  • SHA1

    330f59a33ddd85706fcf07df314f0f08f07d2355

  • SHA256

    f0d24286487dda6c9de8278c546cfe1cadeed28b74a4d898a31e2409a9925e80

  • SHA512

    9c9f51ca5cb417fb2231f101a9b2581e6c6bffbc4406aa2c67ae3c93bf171d6f788e348757b0558903cf62e861429a12318ec9a567109566fb62dbf176aa49be

  • SSDEEP

    48:qvI28EYV0Aq8xf6Xlxy5OSer/LNJxO1TNerGa/Ve/vZ0rL:e8EK1/sDjcHHqrL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\face.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2904 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f159de640da03ed84f4055b6316fa478

    SHA1

    5941204cf22aacae7a66a525de73141a6449e72f

    SHA256

    1de71bbc21b4b5b31e0e2cae7617415b334770ea86335541d276f21d2576cd65

    SHA512

    d3c9d4023e4ba9da9252b34ad1d61dfd988152d8cb6a82a7bc6f49bf78c8f92908a2ecf0af8413cba1148e5f2f081ede96a3cb552b566d6d46b48e2b46599c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7237bff7dca0ba34033f9c7b5f11b27

    SHA1

    07d00056f99ac4c8868c933b9b6c3babdb614a3d

    SHA256

    974510d779a1c067d8af5dea6918e78aa8316cad8ee1683b26978c443afb3727

    SHA512

    c36d964d79dfa599be17155c1c099a779497dcfd48c017deb36133035f10832a31bd22fb032f1e7b7d8e105250f4ecae343cd21b92894cce07a2e4ffafa1c182

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    839bc338e9d1afb9cb6f23c88e18eb0e

    SHA1

    639841020f1d1eebac09715a672dd37966a0b7de

    SHA256

    19c1634e550ecbbe06482d272020327630f456db45f1b4788f82a480a6dfee00

    SHA512

    d7cfafbe6d173411dac53cca80a3bff98de7533874bffc19c685efc72d26142adba2d43e201aa3f6b9a508cb76a38ffaa88332a88bc40c9bfe16f02923ac37ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80b481a28290901c9b3d0f7d489d6536

    SHA1

    8b755a43daa64506188a4f0074507fb0f5f99fed

    SHA256

    5000f6e3b0b0c0b071ea5a3226b0d80fddc60784b852023b33e20d8b72c3d533

    SHA512

    6800da9db8af8d1a1e99af16cb487cd9fdfda8446427e462916bdd81d2fe248fb46ad6d1f3cfc6349a8ed7c8e08a226c93f930e1a5182fb31d21c8dd4652fcbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02f8cdec66491c87212b1108c1a6c909

    SHA1

    fce9d46d527396a09d00b2e6e65a976ae4f81f9a

    SHA256

    a9dc28fd9a8dc704a6ca6ffcb3db0d7668dd1f128d062f1c379a7bf131a7a1ad

    SHA512

    7bacc0d3ae8488b3ac33ec1b4a17577062f98cd7b923d1f6b769c647d8e4458d75f358e4704d5cbcf960f177ae7aa0b64cc32ed1d650745697b80d46ed511572

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb552fec23db18b125763867a31d9dbf

    SHA1

    3049f7bda1790ad1bc86c45ec836948a1a992215

    SHA256

    a934ae5c774d5da672e9c9f23cc3111aa4b766f1013b21891e89f71b176d013c

    SHA512

    08b374067e92a6ae5173673db314f19a3b3d52c2a6cb726ba64fd62c55dbb9c4adaff050f1db3608ae24778cd57413f8f5ef50515223ea58b38989005b7a5de9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3da3404da7348fe55452b75ed7907fb9

    SHA1

    fdc7661208d33eb1451936a05acc19341ea6c91b

    SHA256

    f77e968d399c559dc14f8248d4f3804af7fc1deffc48476f3843a1917cbedc17

    SHA512

    f0a74b69504c3531f59fe4b9de39755902317fee456d317b860f282f176c5a6ac1cc73921dec0bf5d341e63febed3bf5e24eed3337a8286456f2b5c381ff068d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be20a16a438567c049678fdebba3db86

    SHA1

    a0afc69e96706378d580aada29bc1bde517d9865

    SHA256

    eabdfb8353fd8af3b9a6691efc7fdf3aef1a199f8ad17c0de085e4bb489c3f11

    SHA512

    ef09a306c21eee2b246a5fe4f3148ba33987bc8da8fe62c002fb1c8b18fd0c62feb3894fe87713b003dcaad7e3187057ff9a2635711ffa5c2daab7f19f98aee0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d2dda0898d59b28e5480040d9086690

    SHA1

    a877bda6a2dbcfc5bc1de15a55339b2608395e9d

    SHA256

    16f24bd28d6871c511a027819598f31d03e7a1280a2328c20aaa1b7f5c60f632

    SHA512

    d72ca05adb9907d1e35a6d14cca7fb901a1c61fdd982007ffe12bd8f8666c25ec3c487a4cf54a9ef4c4aad133d20b09a537fb8edbcc1750c7387da35bd299f77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be5e9cfddd973efea5999279226cd93e

    SHA1

    2b63f53cb7a85fd41b13fa94fc940e9495b59084

    SHA256

    3f397aeb35b2ae6de7d00ffc75ff6ac83fbcf2605634b1dd06be92369ae857c9

    SHA512

    26be8debd7ca0e670b08c0a83165f1b57d9b0d24d3bb849da32c7dbb39e0208492dbb2bafc8dcad691fd48d594ada2ea90d7f1b30037e307b7dfa0c08933991d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd71d7c7c0328d34aaacd1b73cc901c6

    SHA1

    8696864db7b0a521b87f73000089d89167684fdc

    SHA256

    3412abfca078572db54e7f089ccdaf407e0ceeeff1f4549ee4af0cd3d0b7ab31

    SHA512

    7fc7ff9fa1a75da3ee45d985994c7bf98c300abab06b2fc613d39b62c47ae1097d78fee9f0e5aee7caa2de50bbe24c1079d531c99494576fd428204831fc43ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3AC2.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3BC3.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit