Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

d6bf4b0581...8b.exe

windows7-x64

3

d6bf4b0581...8b.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $STARTMENU/Ա.lnk

  • Size

    1KB

  • MD5

    62d588bdb74e4e2e5d1689fa9272ce39

  • SHA1

    9d0db515d8f65e57353381d707060f7343a74da7

  • SHA256

    248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

  • SHA512

    cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$STARTMENU\Ա.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.mai520.com/?taobao
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1972
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19d3dcf4a59ea8166f3b3c122a602d20

    SHA1

    dc494b07dd0e0b012a0df82e76cd31239abd9242

    SHA256

    60be3b59e11a64fae9d9cf29bb32aad738add0443f0f500d36a3245ceebd0eb7

    SHA512

    c1e86b8281d1b63092ff272dffb1017562957a3408e624702ebb1c3d095038ac54b8250ced421ff0b1a4d6847340264989aa062e448f356b5cd24ad01d7727ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b489bc7216eceb70e7d28ec4de711db5

    SHA1

    04c1f4653aa2876a9356e0c5a0ac264ab1757a47

    SHA256

    f276d657a8d6f1ec3b45b1617b6537079b7ef4e95231277a7f1afbedaa3cbdc6

    SHA512

    d3a653fcb3af437e9c7c022c3dcad2f26cf31a400ca3ccdfd719682054b7a46a55b7a9c470de034d97ac78dd80dcfff044782d38dd38d00076f91f7fb8a3f309

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcaa98ec007b3d8139047f3e19fdd0d2

    SHA1

    0ff36c14f3dae4b0161657663110a58bb2b1a06e

    SHA256

    658fd69bfd0f72a52518789e6a16f68aae4b332b711de5022c323d8c6d6bfafe

    SHA512

    e9e1cf84bbc9bab63597847a9b7a53b76e0824966aca6e69d8826886ccea5a219ef93f8495ab1cc37aa495e71b591c5bf5bdfc548ad84709d5dfc97b61f2e7d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d17984aaf97f4322acad4032011edf9

    SHA1

    0b11f45ffaa7696c707b888b7a34bb4e62fb7ea3

    SHA256

    0f06f4abbef002c44ea7b625c0e9b4ef3ab2e62decba938222910657e4719414

    SHA512

    2b3a9e637abca447bd47f907490c0f3eb3536deaf019ab5e1d6ad7f255ddcf21aefee6d729e45cc33da0dc27307d8bc9ee122c8261b18ad04bc5c94d24bb39d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b19b8786c75f07d8485e1c96019b99f

    SHA1

    599637ca49d865db1e18cbf793436a5984ca1776

    SHA256

    4643d1da03098aefd1310261f9c5f114efeb18d6a2fde60d529fa9b7ca949516

    SHA512

    a5278c7e8ae74f38b33a105d31f106afec05a96151dee6f531c25f9589b84e9035bc2bf18a58d648f62077acfd7cabf38326e3d777dcb53beb04c50ad9ed438b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af1779281af368d2358bcb651c22f560

    SHA1

    1e32e9c883e65ed60d437ac6f5397a6dbf0938c5

    SHA256

    830aaa7dc4977a0db9889015dac3a1514ea3baccfe74688e0e14a80f111d3651

    SHA512

    328a3e725f26ca3d499e2c20a8a2f9753e4f61731ea30c840d5d2562ea5a2e5ad42df0e58a8c11c25aaa7c053fc8679d234d51012f1ccd1a6cc8c2a8693d664b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    877e7eb74778f39009ac054ea1aec7c7

    SHA1

    c02143e3118258ec066ad3b15242131d42a1221d

    SHA256

    9c1f044233c4d7489d5756b691f22fb2c963285fbc2c5bd6e63b9c83acd1c678

    SHA512

    dc441b3895fcbc249014a6ab5706c9851fb566cb26a399687d869ae7483ec3447103304afb762f532da0543e5b67feda052c2026d092ae045b55b67627773477

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f8754caa501b601695a24ce75758bad

    SHA1

    cf3327675db641877476587bf90f96ec6aa268cd

    SHA256

    b709c8d01fbc51efac34a3f6916ef5549d3b39ccd68f85984c966641308d22a6

    SHA512

    1c166ad6d96dfe3479e0f1e1fbafed7ffb844da2f799892140fb1343f33d20b7a1843488ccdc454fd32503fe94e94036c15e1672060fbadd7c122edd59b0a969

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b5570f016d28d755f76a8f1aa2cba49

    SHA1

    c2571d8e5d3b492cc577a6ee6cebdee0e8b18f8a

    SHA256

    ad2bb1b06137b005fec32936b7e2e03134f4d5c3ae47c187589ac555ae53a484

    SHA512

    a4b9a3d847fa997e505a00c524e86bb37e7705072446baa8d75763638bffc21ab618933009510fb12fae38d47c6c729bc90d034c44a5d5e94c89df008e1f0b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8a03063e29608dc833579a5506dbfa6

    SHA1

    5d14c119274f658f22da33a809ee1d4093b8f73c

    SHA256

    9032c29e112bbf4c875ec1b054e4ec0cdb4761c56ae79d1cc94493bc8c2435f3

    SHA512

    b589f66cd22ac8882168e143aa18645089e4af3726d06e1e99c91e74debad37e323c65f87c985b90ca7d75cd10cf166ed050d08432f8e5478f9336b21d45861c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4dd51e2eed1efb2b6df3f1423abbc52

    SHA1

    aabfe2d9fcacd650df689cf0a8ed16a0a75a870e

    SHA256

    4343842c15525511267190979fbf94331d9254696dfa6fd7b5f4c9a6792a98fc

    SHA512

    4c461fd7fb8a0fd20fcf9418e63cf2118d71a6186c68fbd29486850bae881caaa5c13701742d89d578a06d2f764cae4890ed49923220a2d84efd6bd511709347

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac0acd37b4ce4cd1942fb879c16455c3

    SHA1

    6c50cdd4f3e6c17975a3651ee33245295bebdd24

    SHA256

    6d22db0ced10a921fd5524938ab4bad6651d22e4c6ba6e09ddb8bbc09f62bb40

    SHA512

    c149d619030f5718015f4b18be59a642fab69cd0e7fa6a49f3cb26a9a0d6e81862140d63190a52313d33fd0869dc56faa10b7ebc8fa1b8938a12414bb0bb6e96

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2178.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar26DC.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit