Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

d618921099...a0.exe

windows7-x64

7

d618921099...a0.exe

windows10-2004-x64

7

$APPDATA/�...�!.lnk

windows7-x64

3

$APPDATA/�...�!.lnk

windows10-2004-x64

3

$APPDATA/�...�!.lnk

windows7-x64

3

$APPDATA/�...�!.lnk

windows10-2004-x64

3

$DESKTOP/�...�!.lnk

windows7-x64

3

$DESKTOP/�...�!.lnk

windows10-2004-x64

3

$FAVORITES...�!.url

windows7-x64

1

$FAVORITES...�!.url

windows10-2004-x64

1

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...վ.lnk

windows7-x64

3

$SMPROGRAM...վ.lnk

windows10-2004-x64

3

$SMPROGRAM...�!.lnk

windows7-x64

3

$SMPROGRAM...�!.lnk

windows10-2004-x64

3

$SMPROGRAM...�!.lnk

windows7-x64

3

$SMPROGRAM...�!.lnk

windows10-2004-x64

3

155�...վ.lnk

windows7-x64

3

155�...վ.lnk

windows10-2004-x64

3

CI4.exe

windows7-x64

1

CI4.exe

windows10-2004-x64

1

bass.dll

windows7-x64

1

bass.dll

windows10-2004-x64

1

gamedone.html

windows7-x64

1

gamedone.html

windows10-2004-x64

1

newgames.html

windows7-x64

1

newgames.html

windows10-2004-x64

1

order.html

windows7-x64

1

order.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 12:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DESKTOP/Ա-!.lnk

  • Size

    500B

  • MD5

    6d5e090f3cf01999d9921ae2f9ed5b1b

  • SHA1

    43bd9e6cb19fdbe394f982ee64d5585c1b4b3d87

  • SHA256

    22ef9ca32e153a7093377dd10be2fa2f6eb5367113866a71fcbda6d3bb6aba1a

  • SHA512

    f6b0757fe9f7135137be9718384655562f59122413fafd486a51aacd21433de3f55dfec2465f331c802821ffeb3c61fee63cb355c2a9fd93976b930fe981b683

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$DESKTOP\Ա-!.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1632
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://pindao.huoban.taobao.com/tms/channel/channelcode.htm?pid=mm_10066594_338505_8836640&eventid=101329
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2588
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2588 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    631cc46569fae18c057ac0d148819cf0

    SHA1

    88d0d73b8d1f41769042fbdd8b2efdf61d94941b

    SHA256

    96e9a9a4dbc2ac99bd42f95e40bd99c9218a66a56885967e302892ac27241284

    SHA512

    f6e70329a37f5acd690e16c72731fa00f52408e3b595dd421a25795dc989641de1520dd0b15193616f98aa8c3c84a9cedcf692cadbd0d0c503e461d5eeeb9580

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b8d5897f04e49f5dec1740b42ce0160

    SHA1

    bb03e45bb2d32beb781293f2dbc40283e265bce7

    SHA256

    e865c5b3d7c108e9b5f2a972615d6dee69930c85a24029e8a45cba29f932cbdc

    SHA512

    ee37d7d2c3327628ef6dfc853c6637ab871889a16a688bba966b71e01d68400bfe1b4f1e3000866aa5dfa7aded04c0fe2424746b81517c14dce7c996d7e651e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f73ba685dce71508b3cb64b777d6a967

    SHA1

    8831772c79cca294d3916320d05070ecbefe217e

    SHA256

    7d65fe41a8dd4a843bb1fff7d686a2fffb909bb50337eee59544ae0b2b32f71d

    SHA512

    a2d10055bd613fc006540ce610a816399c1e18d14bdda52f057016adc710d940dcae1e264bf4e5b7c19d3315f6f96f635d3a75261c13ee951be0a7264933b8cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba2d05cb962e76561317adc1ead58104

    SHA1

    f26423a235130c667f385b9649afc6186c2b309e

    SHA256

    d0777b31660d088f03721d12b7a7450f16bf2da84c15982a9dfb3696bdb9f2ad

    SHA512

    793d47312b15a47b8dc54d859f868fb6ffeb6743f854349324ed2c7e21af167e761e0963c5609108de3f2becb64ac9246651ea1a14f49b6edc7a291263efce62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e42a9772b977db61e54eef999966dd2

    SHA1

    01fbaa5178b55097457219c3df22ce61ebec7a81

    SHA256

    b352f3963fb2447971780a3495dfd6ee0e8a47f07dbfdf7b2962f1b9291c5b58

    SHA512

    d81a11ad455c4d87a4ccc621100789f634a94cb40407170c2f054c3edd8b10f10ff07595cfe34f275b9c6664a997ac31f2f653f484eefe47a1dadd54e088b591

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df2530b30543ba67e6a4422d64d717a3

    SHA1

    fa240faaa63ee3d72b2babfd8849d868a1163ecc

    SHA256

    04cdf64a5cd3f26d03a0516b4f2c1d6484be2fb1d7475380334e17da8cea9912

    SHA512

    744669d09190b235fa7eb06cf5e2eea19375944c48b87ea39a55ac205de4dce09a5d9a118c9f3a5b34cbabd656b711e2df7ff80c3c7097df3124341055e522a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4ce3b3eca3504bebc5f4c120d77afdc

    SHA1

    4e82b0d80c8bfe9f27ebb1a8a9417f63955a4b8a

    SHA256

    7593bbfb6cceb3258ba9dba5989a9bf5be59450f68b903eaac6b3f35c4e0ebe7

    SHA512

    992efd43dd57924542963ca303c160fe2c10d006d9829af9547d67d452405894bb13a519db7db2ba6b65fcb1370618aa0802cfa9c4825a440d77de990b378fdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e137ade09c32a50ca94d28146cef1f5b

    SHA1

    d411d393eb61464855707aaa5635b7c60e94fba0

    SHA256

    4e1761bb923e57be4e3fd22f77087812ad7c9b277484046ecade6e5250c14704

    SHA512

    c39b4dbedfc71ce6376c9722ec23dd7cfe96c20531c5b0aeba58810a11794aed308c24b19da68d430f53524084be713c4f512ba151780c115e7126811c43b686

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8af3e4cf40957fc81588b2c281a13d34

    SHA1

    a053e27ba9404f67cfefea82966ac952cab77e3a

    SHA256

    6b3fa99880e04fc821fcf693866ebc64d2a189e89fba947187eb898c75fd76cc

    SHA512

    80167bb9afacef5ad0a43e67b2f367caaae93798d95642606046f4e0c58d6e935507ae31e51fc021122b05ea4dd35f4c738eb083deb7ee37dd54fc4754ff2ef6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    673265497f03925e811eb16d102e69a3

    SHA1

    3d3333258e5898219b09647ff730000d6bd923c6

    SHA256

    023b36ddbd55fb5d2ac3486cbd67f9192416f8869459afa5b6cfe2f724cea187

    SHA512

    87c98d4fe1fbefa3249bde90d2653fb0cc97f35d32618745efe418800765eb7c6534151163bf7598ffc2709fc7bbe08272acd58d2fb0447fe196312563d0696f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58bee6b4dbb3047b762f71b2ea32e69d

    SHA1

    261e45505ac2788f5033ae81cac974d6a2f5a4f6

    SHA256

    99be828694bded875a949fcfa84a2398fc49371c7c1dc62b7ed3291b16b0683f

    SHA512

    4b395072255122bd84ccc8066b1c6f4a45d8fcf92eff0973d546fd92d077e85719539a6decce1506ce41108d75c7b0bf1444f19b7569294b3315fb4f349c4826

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e34195e49576481b45564029e7a22d70

    SHA1

    2008e26af6c6d56e6ab89f4dc691d8d895db3374

    SHA256

    25f37d021de7061ffe7f5f820129bbf6ceaa8d02d72f2bce3f31e57e3491c36d

    SHA512

    c36ec7b399906ed5f6b0aafb2dd53cdcdcfb612c62d634c3ed6d3b854dbf4ec3416243f8599133509abf510f56cd8d075e106f03185d5118b321c3e45e3b982f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa3fff201de25ae194404401ad4a9a08

    SHA1

    b56a389415de762a60a79c31323a66da2d7ab046

    SHA256

    4d1b9ab8c99eaa3e59bb44072321da9dab16c6d74b52041908d0b9f40f3b4005

    SHA512

    a9cee462f692f2e81e93a17a613b90bc9e30615ece22f15f696860260289e348da036c8ddfa5dc10641f8c44794bcb434493c3ade6d692dff08b8c9fe1c37e83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf7e1c98b758c146702c26b6d1e5057a

    SHA1

    cd4027e696010598728ca209c2997abf29e1ffe0

    SHA256

    0631e04a9c8994746e135a76f8949f21af5709cbb5be742c07cc8a6afc778b45

    SHA512

    6e496d1272c72e8a61124014293f15a93ae30dad34c9fafcbce9cd8739f15a53aa6c3d3eee708c648116234faffd2c252109a768ecdc658a6f9519235f528cba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bba89c9e0b87d98fcbdae4559f2764a0

    SHA1

    d25346a5f2b3c06d88d22860c23ef8a4d196d8a0

    SHA256

    92bdbcc1f349702565aa2d2e3aee0c927de8001015acd01b39e697462acef347

    SHA512

    987b93d34e7b4b9adcf55d5d8fdd69648a16d11fdb916a8ef5dd6d128d40078fbb8bac378336c47c840fc6b8e3b4a5a8105637435d19b8c86a0afc5169c83257

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e35f5fd0e301c65138bc6a55c0c3c3c

    SHA1

    3fecaa21b32d0f90daeecbd0a6ac4da79cd69c2e

    SHA256

    1ee9deb81e74239cf2bab9b9d76f2d953355f1e83ef66d3b739e0db38d746a74

    SHA512

    89f7a74c9f31862fe707118f1b3c902aa2aeaa345d41652bd60967cc092286d302143239752d62e6ce9585745e197eb66617029e3f996b928aa01a8e9eda0f72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    f177ba09c756dfbd13f147d15511c07a

    SHA1

    7c96e3d029beceb712293a476f35e7e32f5f036b

    SHA256

    30207d0ff0fbdc850c6761254540fb2428394e1954081f39f73d9c903eb00603

    SHA512

    acba266c3881868ebf17bc0b2d109758a45562d63ea1a1a63b935a9da7eeb1abb5a31807e2199543337be51ac89837b44d037728319c997d646fcd5bee029ae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar394F.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit