Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

d3f03275d0...17.exe

windows7-x64

7

d3f03275d0...17.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18/03/2024, 16:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3f03275d03f23e63bb164cb23089e17.exe

  • Size

    213KB

  • MD5

    d3f03275d03f23e63bb164cb23089e17

  • SHA1

    67d04b790da338cdfd6e2865ff77a451e3e699f4

  • SHA256

    c1acc4e13cb75360db82b7d56f3720349a6bec3bc0e8d8072e221134991f381e

  • SHA512

    78b9e895112c40b00f2efc88859bffd88f6c6a39e08fcacdbfcc6aa2a4a7c0327a42966c0a8b3cbc22b2599ade572fa3526656e304a245938961ac498324d0c2

  • SSDEEP

    3072:y62MonpU9tw04VQJM6216XzD8areAEP/lQgWu6OWVcoGgsmOKh/v6nv6DN0:T2MAU9yfoFn7qJ3lm8ct1RDO

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d3f03275d03f23e63bb164cb23089e17.exe
    "C:\Users\Admin\AppData\Local\Temp\d3f03275d03f23e63bb164cb23089e17.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1804
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=949
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2444
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2444 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffac9c9a88603f66da1804363065cbfd

    SHA1

    5ed669c497867b47432134a68e3ace7902607a2a

    SHA256

    9e666a6ac1c98a669c1ef271446a29f4c213c157da88a9a82545176b013f9b16

    SHA512

    f89b9314e0ca0916126841cdbf093444b5ac72786a5e36c72b1f9887a0db6e82c96bbdf2897569772be9de98a42a4ff9834d36249794dbb431eaafde7b32fb2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0065a5082dd5e8d1c2d03a0ec48a5429

    SHA1

    1f3d87a6a89d6f26852953a2acdacf184164b5e1

    SHA256

    59f2c8dbb71cc3c0880e6278da0e584e0569cef671acd4b0a786bee176f8fa5b

    SHA512

    1b10eb3d2ce71e14c7b687634a925ea6b660b4d8608de037544e5139e6b28d845fdf8daec23df29ce0ea8f938196e598248ba53da5d46d87f43d2059940494fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    779f21a0f4eff181861cbc4c516296f3

    SHA1

    2bc386f9876152c4791b904d576639e74f93fbd2

    SHA256

    7f877fd9a6082971efe3a89ceed62b3ae45cb66a23a8651820f84cd0189628bc

    SHA512

    c98311847321ea516f9232761d0ed2935635aaacdfdd5968e8143681562e534b40330ea4dcb75593b3a3d01b92390e9b9cb558aef68f58279cd7fb1d7e8219b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b7715927274cb61426aaac99b50a2b2

    SHA1

    208f4c4412a125bb276c7073b523ef432c0b867d

    SHA256

    660ee0f1d19099a7511d71084faa7849032d35f0189f13fff25a026e1f37c7fc

    SHA512

    54378b84d53501fdcba7d3e5921847608bf8662543c23778dc5ad35d6c071585c62f258bf4a599f0496dd5f7516eb29c99e73fa880a6daa1cdc94c59c54418f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff4acd2789baf43716e2bd5d8dceca4e

    SHA1

    ee1466b26fcf332630cc76d9e62a65d2b50b6863

    SHA256

    f0a2607b8f940bf060fb770df6576996bb7ec14d2ec30da981c4f54e9cca429e

    SHA512

    633e9cbca002b90c421d4e230ddd32e1f801447740a492afb70549906c8d87fa7f5e5d58998018c4926acd84f4cf07703a658288edfdb18d512038ec03c925c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11dab0a7f89bcba4cbe92cc56d2d731b

    SHA1

    13ea1d1a54249e236bab6aaed3e0907b21c3ca3e

    SHA256

    2b76b4d605cec1c285d7a19c1b89bf55545788e07021f98c28b2ad88f77a2045

    SHA512

    fde4e2d1b597cb1982eafbaf6f91f14680f6aa57adafc87b47bdd55cfcde0151b7e07de61062e7372dfc00a44ac4c1456d0a6cc3f30b4be112c309fb7bc5a7c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f01f5915e727b1a5dcc2921b377314b1

    SHA1

    ad8fd058a51087df071438579349a64e20fed439

    SHA256

    885b117bf67477a7137cd0c313eae0ad5e4036de44701d437c2bba48d5ddec11

    SHA512

    bf752bdc46e41e7aa5ddf608774db8769a8ef0d7aea93d21f5e4b5988709899da918ec6171c87ce3d69d78bd5381bc61d81c01fd1af12381bd83f46849166d36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c07de3b38e5cf43caae89d810a1e5f03

    SHA1

    1bef2bb1dc1945cbb2bc42d6e4a1d747fe031a29

    SHA256

    4008cb7cc74a67f7e447615fd8ca76f5d02e0b81e3719facfa3772f0f8e9f3d7

    SHA512

    2addd00cea6d7d6f9992c6149b7e35c151b35d54036264de1a9d79aaf82792a626c6bd43abfbc88ee78d3ad9799d8715867c17426a3e15a3c256ac993b0d5463

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    518ab73dbbecf7228431e7350baad4a6

    SHA1

    fb817d5d6255df4fbc4df917d5b335ba6f38d79f

    SHA256

    92914b88fd6e1d3499f60ca68f88af4cecc797cc35f4aa8a21ad5b96f3ef45b6

    SHA512

    bdbd05e3b25b06c2b930c6a22c5395c1a0beb96b8f70becc3407570270b36cb1faf29058484b2560bb1d19b2030381b769561384dd81a061975f5470ef5a5e8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    85ca128d5a4cdfd56c16c409deae5345

    SHA1

    8ed18f121e499fdd1a618973c998583761112d5b

    SHA256

    b7a383980ea12a3bbfc50ae9f4bbc55bfda5bf99afec7253586d3e168e851e89

    SHA512

    6e4e0c1d2fc370c267327d4e1e6625830714ca32df2ff90b73ba84a98173f27f734b21c1948501e09cb69827d78baca768b37c9677287c29a08224c8deca60e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c310dfde58d8f1d2d89670d1e1d84b2e

    SHA1

    5e51330f71ac7898cfc76ead76aa87ede60ae94f

    SHA256

    0666e3fe1520bdbe68deab48ee7fce1a904d2e07acf31b8017f27840c88b798f

    SHA512

    ca7e62aa81d7527e88e07d68a36db5037f9a3475b4a00dcb47b834a5a08dd5bd9acf44bb57da5713401ac0090847dac823e78f6f2edb2f0361a2f56121f5358a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    290d1f97f68242ba2422f1cffb80add3

    SHA1

    02f7c18a9ffa7f95f165b3b291591a727281ba87

    SHA256

    45917f5ba4f306eeb014fcf4bdd57b7266cc1ba7f58b7bf9879bdf0f65078d38

    SHA512

    0159b152dd40e47ea32f34058e0cdfc54e7043de5701d414258f5353f3c6bcc962feb65c4cb5f91415945d4f56d62a42e694a80ebb104c69abc60c190ac82bd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ff1a0aa12d67d64aaf58082155044fc

    SHA1

    1aa4ecd75357711a08415f0e0398a91422f8a89f

    SHA256

    d5095f5cf87ba7f22c5475834e3035bb1b5cee9c5a8915cb38f032e7e835314a

    SHA512

    d5b51b3b6f2fa7cdd05e8deebd42e197afbaf7441ca77c5d5578214c5197b150fbeb5b58d699727cadaafc72aa593ce8de655030d3606a0d343531b3fc218352

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ece179c057428ae5da05a5540fb454a0

    SHA1

    cb046473ba3b9ffddd4ac21d5825153fd78688d8

    SHA256

    b06889a1a08e71733830a9b2e3719c3958e0662b420b066f45aba3844269623e

    SHA512

    53a39acc71c3ce75d47e0a91c0cdf0c00167abf74251a0ade19138db3f22690b50a7da4f45e3fd0fe0bc13271432e4b9ec743d959ec696cdaf4458343d3ae1ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    203932691ce0fa126b315077b52db4af

    SHA1

    2e56f79c3c7ed2296bd5420b50abb53976593aae

    SHA256

    f45ea5d5e122a4e5cb1d752f7254938b055d1afc22194a053eafeb83469992c0

    SHA512

    b861874d876023036b95a42582713adfbd5cff36a564770b406d3d21132eaf7776e8163c54937e7887ff83003f8a05100d8fe22330b453187607cf166ee2463c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    393cd02d1a092a0303dd2154071ede4c

    SHA1

    4d4b795ce5464c7c72d4d2386286cb963cf25ede

    SHA256

    ddf71d2cc12db62a5a3bee521c1928e3032523bfc1ca596fb6a6eb2d50430d43

    SHA512

    9e42793b519bd13dc46e47b23fb117e0d178ff5bab90008d3d7505c5c0bf55b54659d16493232dcf14dee9d5430019ff130fd26a0c1718945e117775a0a3017c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5E76.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar619D.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/1804-26-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1804-24-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1804-0-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download