Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

c57e713d11...5c.exe

windows7-x64

7

c57e713d11...5c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    153s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2024, 22:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c57e713d11a445b717c51a096854135c.exe

  • Size

    213KB

  • MD5

    c57e713d11a445b717c51a096854135c

  • SHA1

    30ed7208567b37f6ea62b9af5eafa2f6c6cb2982

  • SHA256

    ec65d514fa8fb1e3b2992c67d5fa07b113072737ecde8ab90866d1d31d92c86c

  • SHA512

    871964bed911fe8663b5ae55845da8149d6d5393d446c25d5636d1f6d96445e01ede26c3fb9d6ee520ec8104ffdfb3135c00f09437fb0bc682ca7e92385928f9

  • SSDEEP

    3072:y62MonpU9tw04VQJM6216XzD8areAEP/lQgWu6OWVcoGgsmOKh/v6nv6DNe:T2MAU9yfoFn7qJ3lm8ct1RD4

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c57e713d11a445b717c51a096854135c.exe
    "C:\Users\Admin\AppData\Local\Temp\c57e713d11a445b717c51a096854135c.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=643
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1360
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1360 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1152

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e818f67567ee7350edaa94d7d9b4738

    SHA1

    86f5432c5e5db05cdce29636fbb2eed09e82e168

    SHA256

    db7304479e28cb9ed3c1590aa58a2efb0535df3e2205910188e7030bcc57ea4a

    SHA512

    974e9aa43007016f12d24647cab859de135d3b93a0e1eec2e4e9e5b2d5e1f1c9269a9e8775ababa9c31de65b204ff27f21ce3bf7af6cd1a3a8ff2471093f428b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca3ac66dd949310b45af64cf8da58990

    SHA1

    cc112cebeba37e4e0c9832e77b8b007082c416f3

    SHA256

    2ed0b939495de8d4116cd712e3782809393bfdc5d4f2db9ffa3e328365ea3e7a

    SHA512

    fd0e43f60b722b83e9cd9b16f196116258be231a32882eedf1ee4374f44a0e7d9fe802fcaed65297d064cdb394de75c2168f4c85669d55a697bf4c82192baa9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8259d452cacc2b62a9b1720729c27415

    SHA1

    4888353e7e9bee90be7e7eb159b940a38fe0e017

    SHA256

    bdb6b9566f5149087409020837c1501ccf66ef312bd961bc34168d75383e5c60

    SHA512

    a68b1004983fdf79be6fc5fccd8267b453b39b5c86d78fc8558277a7efdb04ae451b9282b5b9063146f9a169eac2867bbef1a53fa2a3926c4c1bb9beec7c2638

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6539f4a07bc35a1fda7124d60b16038e

    SHA1

    dc05b8431d0729e770c36ccca08df2e76d1ca0b6

    SHA256

    1e45169d03f2e1174b0530dec02857055bcac9b7aee5897292ef219007fc20df

    SHA512

    db7599ad1f53b7616b80e7f008fb77891575c96b1938b97824177823c8eb2264178da4b0b2e5d6142ef9372630c3ee8abf3367e9129de6d526def0eaf4e8bb99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    507b56d2e4630f1589cdfda3f82b6fa0

    SHA1

    adb738b9fad79b80c1d28c38642696a877a87ee2

    SHA256

    6de17f88b567e38030961f66769a2a11af69a98504beaa2200edd04dcb97b323

    SHA512

    4cfd2ef5623848c49e2dfbec543413201e117abc722c819958d027c744f858085deb6f46cf5b8158da7394f4af711f458444ac425f635290522d9afd0ea29043

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a61f045cdfa7a6879263768ac25c2ec

    SHA1

    dd2257fb438fc6e1c7098a4cae0a8c09cf08bedd

    SHA256

    55b6dc6413058a25a3bc4ea5155c0cd7d154af800820d206148024190264cde4

    SHA512

    720a676108e0ecf75d91c2cf882645984ac227429f080ef070f0b4a036c94966bd7d3fcd7cf4e3eb5cd8e85eff97886869cb72d251837865505d91e15db59ed2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc9f1f02db6c3364dc9c3f24aab007eb

    SHA1

    0ad8ac04119bac501dd2c7fe0a91b63ef7dfadb0

    SHA256

    a1205d0e3019ece22adf73a34a3fa313a65f4c177948bd64b5bc327cf700ca49

    SHA512

    bd47cc2ca80d05455b50e6342577b9b11b60e9ea02dd260e3b90b85564f3934e20ec2698ca3bc291d2fd1853c9b3b787486b74908caa4a0a3d15912918810c10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ece3977485e4d7614344ff5b3941f861

    SHA1

    e8966662b5e065f845d1db8c537c6a211656d325

    SHA256

    517f133c9c8306bddcb77de7b3eb25b59e4efd599f561f94187017822ea6c471

    SHA512

    75e3508050b1da0ecdb4fa08c235a0a5a2e0cd90671236776f5e8fb2491a2441035855a25bd08f827a1d8b5e985fcbcfba04f225c5f9735d6f950181928e99d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7af89a391531d1b7fae9dacd25d76317

    SHA1

    5404119eaee259d91646a032e64332dcb34b1793

    SHA256

    c2d27956cdabb9ca78fe817388b1e9812e80553339e70ac1a33f28a95d26abdb

    SHA512

    fa1c19e38321b8256e286b28fbe66fcd0565f31aba0cf37d4f00845e4169c0f9f8327f5894ce821899e877badef2bb49aa71c12693c15f508a13e756481f24f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b7b89bc55ac6418128dd7c3ca19172b

    SHA1

    49034d79122318a21bbfe092c373d2a623ff4c6c

    SHA256

    5c3eb3dc329efe23d85ea8691ea022d5e6fa73ce2be40c7fe9671ff774cec8e5

    SHA512

    ca103eebbb3ca13396d855d96a4a15205c5bc76eaf1a43bd65b3e2613874546b0033851ab5ea59a71be58a333ba0fec9a1b9f7e2cc073bdbd476fa62125f0797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6947cdf95f801b491469fe9f7eac67c5

    SHA1

    b30140b7ff56abdaad01f44901b3ae4a0e7bd518

    SHA256

    6fe48a4235be1472ddff90c1f1e28e7a9a06626cb35b4c7f0df36219489b4c37

    SHA512

    8e8bb4d07b6abee63b29d6ea48d3d8c0e19fd3337cb592ab3b44d9b6a8fdde7833769233d78b8b27dd94e8bace6b3bb2a9d55a879da18d6a08052c598b663769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e37bc43e001ac92df14b7ff881e56f3

    SHA1

    b8a870682c61d5622fbf3cca69c4cc28df0ff069

    SHA256

    8ca2ea840eb411a7e2968687c3c15f411989dac5975ee17e83a15bce0000bf6c

    SHA512

    4850deb4b73346d13699bd78eff2ba38ee6dbd308c41a8782b2ba86740fc0d16a1d3a78817613ef02ce2de3d479f677571f1ec74bc8c721eb1d8d77cf8d92c1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c5841438137bda29ca0947b1c6934f2

    SHA1

    90ca03fa951ee6f2026d8c9a41d68c23a5853be1

    SHA256

    1cfb47fcbabb67ae53b4de115e383cf2817b8a9967ebe8c29efd13118621c7fb

    SHA512

    6f63693f6964f1b394af0f21a204952ab75c9491eaf67f5ab5734114e701a62ed576a9cb5a500d197c318083c3e85e6526493a7b4f1cad158ce36164535485a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dabefb0a70d0992f51692bcd56313b44

    SHA1

    e8597eef8d0ce706dd6071d17c4ddb8572c9d6c5

    SHA256

    b4eccc97e3aa229e62cabc712ed0c660a2d03f6cc2c79e1512f4bbf3c585f11f

    SHA512

    247623d8bec22ea2626385fd82b9429645a80cedce3e8ababb8139ccfd77af93dfafacc31b0d3f6f36f31c6650d3df9b86aec3aa58dbe2f0175d1dc37e30374e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22467006e15392d04e771b8fc99186f0

    SHA1

    5609ca419fead815066eb505ef30165f95a77526

    SHA256

    531bf384d6c4cd2ca949f288da9d2153ddefc0dba8b9729347b33edf57c64607

    SHA512

    2ac99a10afc8831a7e4a2f06299f423a5f795edee025677a16ac91ba909172eed2ec2781cb7bd3f214ff22705f8ae6392fca88387d166fcadf013667f53d7123

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5D0.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC701.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/2264-0-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2264-24-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2264-26-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download