Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    121s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18/03/2024, 17:05

General

  • Target

    d40d5a39c43dc3175ebacb9a7744fb9b.html

  • Size

    9KB

  • MD5

    d40d5a39c43dc3175ebacb9a7744fb9b

  • SHA1

    20128b21765fd5127e662a2a59a36d624f1f65be

  • SHA256

    dd91ac3a9ce8b82d4e0aa8724436b6ce5108ce1158cba0ad49d07a88066237b8

  • SHA512

    9861ba3d731e41e70b6b417e0e525c87244c0a1b754580fa4c291b2172a4b4c5024088be7b20eedb869700589220be77ccba6bb8103a2f97fd7e6718ebe50770

  • SSDEEP

    96:uzVs+ux7CatLLY1k9o84d12ef7CSTUiGT/kPs4pUlVHcEZ7ru7f:csz7CatAYS//JUPHb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d40d5a39c43dc3175ebacb9a7744fb9b.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2156

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4e01cc4d3f1647f7f5a92543f7270e9b

    SHA1

    78d3e3c248a19ca8aa5bdbccc0bd06aaa9b60f9b

    SHA256

    9b4eb6f67d57786e70cbcaf1822aa3091bbbdf04fcbe40548059d6d1448c196f

    SHA512

    109ff3a9032b31ac7a6c431a2deb1cde31cd6aac34c5070e26221ced2387964d84fe17be0626705610c1c28f9e886ea6b47d1e18637a5b1eba63969f00d382bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    665d3fc2627c71cdbf5b13e7d71672eb

    SHA1

    615cc76ce61bc9fe7c4624b1fb0a8bfe254ee862

    SHA256

    70406e2faa6934911e3a3b7c98dbce5b157d1bb9330aeea4f0c5145906d1a0ac

    SHA512

    da520ff2da31661fdbeb399c9448845bc752740be3a7f8d4934c67ab05e8d29654f038dca345856c119d5b3f223c19be46f851e26341d0317c05c6d4a1f38d37

  • C:\Users\Admin\AppData\Local\Temp\Cab8A56.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar97C7.tmp

    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63