Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

c97b48b882...2.html

windows7-x64

1

c97b48b882...2.html

windows10-2004-x64

1

Analysis

  • max time kernel
    128s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 19:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c97b48b882b02e7f022f41653189d372.html

  • Size

    91KB

  • MD5

    c97b48b882b02e7f022f41653189d372

  • SHA1

    69ed86f0494e3fc8547b41c19bd043498c6e7447

  • SHA256

    1ad77bca3b0ed04071dbf4a485a8bcd4db474af600cc9774c5cd27dda876e589

  • SHA512

    932d820d0027e081be031e4e3d0fe0b454f718b4eabdc48d70d8607230757857e3edf3e7a512d1df834f8ca28f5a2bd11eec5e46131e58c62299140d62f1c2c4

  • SSDEEP

    1536:WxV1EJB4yzCGWuRAxE1WwrHmHv0yeMmoVCFAFNIUtTOzVeZ27uG9lE/LIMUPmNLV:I1YT1WwrmclMmRezrOzVd7uG9lE/sMU6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c97b48b882b02e7f022f41653189d372.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    9deec3f8342b8c64f7b7166f8188e993

    SHA1

    19ea9219e10af05a41ba7ff43ad59b2cc659d39f

    SHA256

    7cdc9d8cd400d369f6951ff1b3c6287f57373c5d6b9bf8466785573a503348ed

    SHA512

    7fd3fd2612a68f343b7727d171b6d8458363a2a0cf4724ccc5c7659ca868acc74b44cb83f2d198851db4cb4732cebf139701547092a95f22e78a8052dfc3ff98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    1e309774c7f6a058c8edd89f7b6763a9

    SHA1

    a9854203173a229f17a732e699e96a116267af0f

    SHA256

    3aa9cfdeceee70a43d64b9ecd5e6d1454d32f237422420b91d7f4d3c911b8353

    SHA512

    200703719fb60b5373ef35e310d3925f319a40257be2d3fa5e77d2a1dc614e24487336f273d82997d08de1cf00b0f1cf079b59aa8e879e83cf9fc17264976163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1361da0a3dd602a59c94a10d22274097

    SHA1

    a98ffbe21594ab268fdd8f341772de1dc639163b

    SHA256

    4e7fcd950ad3640d4653600c9f85090614f017ea91c5ead44cd9ed23170647fc

    SHA512

    82c94971b7b013ec95fe61fa9b5f14e912a324e659f396ceec7b6e785eaeca21b5459b5ad839c74cb80ded949f72296eab21cb755409eb31b9c5710dd00b7b76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9868f29a8863387ef93054370b1f00c4

    SHA1

    bab1856cc0a266c478df5acc84cdc9b726e61b1f

    SHA256

    78f83720f67ef1f952ff156c66fc18c7fc5c761a654101fc30ba1071e1f24c3a

    SHA512

    9db6c1d211682da88d56459e1112a3b973661d853c098a8314fc666fc93babf63084e285ba92e017785048e128b3c38b07864d3639f9e07394a8a18378083d63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe39150c5cdffc19c2e5251fdcff2e77

    SHA1

    e5c325fda5326e1d42651c9972487619897f1848

    SHA256

    fe7762f1457f44e2f7f0c629cc3bb21d3532d5c4cb9de4cb35a5db1f731de1ae

    SHA512

    87dc6eabae147c5eb52637722e251ec93f009c440aeba06d99a1c6670847af1190e9da3eed22a0e2065b62cdd6b0afad5f143dc0c4f34c6a6fd0a8a9e1ec44bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cc58b0d75590eaedec1660a20770c14

    SHA1

    d7446ec98054908696a17f097fa18fb6cf3b60c5

    SHA256

    c93ce18a83ed64ae636201e5cec3041f603b2b788f17dc8b64b6a2965842c947

    SHA512

    657b23808bdceaca2bf7e160150e1dce491241a319d24dcaae349adbbd8c0a26eae7e612581bc0a8aa39227337d56cd9c8212474ae3b37ecdfa50e325d3a628e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c2651eea3169603dfa86eb1ba4e1278

    SHA1

    4ef6f8f83434a6f45ec5bea8dcae080dc4b9f1a3

    SHA256

    0bfca53de31506f3d3ca9674226919042a741755dd9ea8b53e9ef171c4fce71f

    SHA512

    85fcf516adc42c094954719da3f172e45e25a7559646fc79f3078cac21d0d3b451c070a8f876a68e153c2423e915df7501444f6bdae345c95e5da792817f5ca7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84dbc3e0824f57d2e4b1379a6cf9b679

    SHA1

    ea4506555770cdb8a369e2bbe0b7f92bfc4ee8f6

    SHA256

    42629623c41fa8b847a1878d968fd7123ce3f9ab96e8f1d0614e11f2a715469b

    SHA512

    f9eb7634ac922c28e50b3853021d36da6c86daf4e6a37c13850d1958409dc9dfd162d4f2202c2dc5197a1c293349435657f31e816173d7d8813838ee60341795

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a654102168c7124989647c4aacf3d41

    SHA1

    32f78e0caa01eec591de9196aa793c27ae0087db

    SHA256

    67dbb88bdae0b3271b69ad40dce3d286b22908138c2088ee19ff8fc3ea98129a

    SHA512

    4668ee34f639e3075d24b99e7bc0ed0520012d4436848b7413c2d8d85483b498d57e539f72043259b75ef46e9e0897b995a07cf50d253a65404f6972eb4729bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13736abf36c177a97a26cb2c7ce1bccd

    SHA1

    0a6c13fb8387d30f40d65c2f4f70017db88b939e

    SHA256

    6b4c5f278044432bad909b29d57b44c90d2ed0dd3e0bc90a6b2da3e60ea72407

    SHA512

    c7a118aeaf5b2156c566a781c9abeb7d955560b729f19bc5488ff6c1fd664f2d9337bd6e2ae0ec7d803336769430f2b666a7698949a4c8c01b71e4558f5f93ad

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\platform_gapi.iframes.style.common[1].js
    Filesize

    54KB

    MD5

    ea9dd251399dd23cfaaa58cd75d83802

    SHA1

    fc80615d89aced96d1c7d9e4226b1b39986be9a9

    SHA256

    e924fdde63edcafd0ae3c3f223cd2ac30c8cd2f71fc6da9267566a6a3a285ec3

    SHA512

    1d0640ba21d600a7a7f6d1eca0d7c7d22aff87d074c97bb9f3ab44ee9f6dafc0db075a2a39ff04c0e721b2f046aadb8ce1e860a73e9f0b1123d70e6fb59246f4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    2dc32078d76673468f1bdd9d1c2dd676

    SHA1

    9a7689ab544a8c1293a2ee933599db3a93363ea8

    SHA256

    c55692e11f1fe9662e3d8c2d4c832982f3986ec48d944de471345829fe66ef80

    SHA512

    9253714d8ad6f995c26ad97fe82177fb5dd8baaccf1df414ac97ef45236a7cb62bcef548db637b51314fea5d9ec4f2c2c3d4ac0d6701bc86107128c61ff1d6fd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\1005847222-postmessagerelay[1].js
    Filesize

    11KB

    MD5

    fc4f777baf3abc58239cbc8efe48c659

    SHA1

    32a32fb5bf485fa53a8256d24db6460e8eb1ccef

    SHA256

    fd632e2d64132d33c6becc1c4f1d35b828eddac1bf48c4cdfb326b53b161885f

    SHA512

    d223db5d31692f3f5289d6a8999aff916ffe12e16b5f4baf69716f31423de520c1056966152c906d34f8ba0f27cafa529dbaf0e0e503fff03d30bf656ce4b6d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\cb=gapi[2].js
    Filesize

    132KB

    MD5

    c23494121f5468488a8e79a6268f4648

    SHA1

    1fc2646c75df1b8528667487997ab1f5b308133b

    SHA256

    100700c4795780ff97f999795e8477954da09fcb92a1131cd17216203914c425

    SHA512

    956f396bef9df5a542ae410256686e2259e1ae67402615f937c2f2c004ff2f3de5f5767200661c0ce204fed9b32b1a8707c26a566da1d3aa120d428901c39769

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2B56.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2C95.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit