Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

d6bf4b0581...8b.exe

windows7-x64

3

d6bf4b0581...8b.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DESKTOP/Internat Exp1orer.lnk

  • Size

    1KB

  • MD5

    9ffaab5f197ee38cf1fe65e19d4bb217

  • SHA1

    39ee57d785cb31b75fe79879ab5dfed14eb1a28e

  • SHA256

    6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

  • SHA512

    eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$DESKTOP\Internat Exp1orer.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.113w.com/?waga
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2696
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2472

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f76c82da3de1aa487ec71aa72fb271f8

    SHA1

    781356874b68e57e91aa56e5930ce0a501543b8f

    SHA256

    198039af66870342369a7d879667dd47d2d3663d1fedafd9ccff28ee4057c5d8

    SHA512

    aa1d4e0c95a971c5419d1297cd8183910b7177cb538214c85b538f39deb6092a40eb92ff333e4bff5c90bde2dd5ca0cf5aacab890673f6a7b5f2b402104ec64a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5a00947bf7843e8f94133bcbe222a50

    SHA1

    789ed46387047f68df8739a9fa9bc7151b315657

    SHA256

    4ebc46f8ce845b676a0cf45d2b645b893e057e76fd8a877fb1f60f69e94cb9b8

    SHA512

    5484dbe2a3bc5bb510aa29da0d7e658394903c3f2e621815941da2e518f0029f97429cbdcdfdcb23ed5420309c98dbe4cb511e43185691146b8344e1dc9a8aca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a44dcd227516ed1e27ae4d86a2c84784

    SHA1

    6df97b620b81923cbb32bf52da751fbaf4bd73e7

    SHA256

    0f7dcbadf07e431a6cf58e0ccc4e81269123964dc825c761f00e2ff3c27e3373

    SHA512

    6b1899fd0cf07a57a826a203cc7dceee833f30c31464e9cd94a120c8f5f02e0a8f42d730f12d5f56b1d9cb8f72efcdc2c85c9594fbdec47442f09fa5a97b0ba0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70d67ac948d0d4e210f697ab6ce264ec

    SHA1

    5e83af8cbf467ea1085d8d82bbcc8251382f76c0

    SHA256

    ae6169bc23eddfa4b2f8d337b16cd4eaa1d99f69634b055ed17fb0f53854223f

    SHA512

    44324862366b290e47704a1262f084e82531831345671dd678dae301633b3c0b1bc689d3d8935843dbc59a56a62b6d3046fc37dffdef07ee89dab02f59a08ec8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c41bbdbc8befd7cbb8da77de0403bb27

    SHA1

    0186c72f19ff1bdc33e332b6007a5409e52aa4e1

    SHA256

    9dc6d69d29c467ba6e6127cb7c803da1e2820f12c6b37b45cb2e2d0d881bd9db

    SHA512

    8e6e1dd6c4dcb374d2b453eaa131551c3c39e175ccb8738ef1ff168855b96c111d3394abb486252bf090b1ead1ba238966e6f854086b3ec0504a5252a1776e5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3a8f0ff140c69d3c0d5e9672bbb424b

    SHA1

    9975cb4bc2b693a27a586a397c8f33c6ed017b01

    SHA256

    fdf57b53d289edac741297b4c91aaac86a9e868aeece6bc7c32b1f559dabfaf2

    SHA512

    9d2b41af9b0a770d9d43ec0ee949212c7bd9bf1d685e7b8b7021fa76582f92e4abe9a5d3464ac220e579a101a14764e270efae9250b7d5b77cba17ca34a6cfdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52181fd3b349b3415b98917f93bda105

    SHA1

    4199e2815a5b8cbaa988bf51a1dcd63e62192266

    SHA256

    2eb2a71a7f8cd1383b338c3a9684e1cc545757b6a2ad89f7f2c4f9443e2f27fe

    SHA512

    4cbd38471b14fbabc747b696e568a83dd838a347118ebfd5323c288f9286100c5f93edd139e273f772130e0c766edb3af2405fce5c6cdfccfb6e4f6e834c97ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d0b105980de7df1d43e66fbf1517b00

    SHA1

    10149b5d808d40af9b8032666efa52075af7427e

    SHA256

    ae702545d853ff3f90f861faf51c1acc22506e021f74f790b4a2a13c306cb78e

    SHA512

    37e073dfa57e139f0a7a1a51d0e2cf0e9cfcdcbc9bd70919fa09c827f2eaad8f90b22b2a0a393e69a9504f0ba74f3eb460a1df41666782d285b8c47c0d9f994d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52a43f96d5b4b667525710e27a7929df

    SHA1

    d3f2a95c4870242bff3cbcd518cac35fcd1840b1

    SHA256

    43516b0caedf25ed8bff6f3c7cf355e0370de8d4bad012573d5851bd62a95db9

    SHA512

    cd15d7a260f7e127f3a226ffd20a83952af5fc48603193b44694af7accdab0d91f906853cefd334f484e8b5d8f341fc2ab9a0f611ebdca5f9f496a3e2d9a2237

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1a5199883f68f5bbbce1042f0e49af8

    SHA1

    e1cd2e8d4ab936edcd517c77c9aea4c3f8812501

    SHA256

    48efc8d63167469600e075c251fa8620210af9351e94aa6c76f125ecff359289

    SHA512

    6475253d5ecb79ca1da51d01258ec4e3249c31046f526c645c0921e42b8f94cc8d7e0960691868741c3d240d8f116b1257470c21098e184eaa004d982f11f8a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d759e8f1e99c90a2ff697e6688e50ebe

    SHA1

    a928a0363e90efc6cd826bcb16a9e5edeca04bee

    SHA256

    b1ab1f496b9ed4e932aac84d0a4d5f34ecd54a944be69790c309e7928bc01e60

    SHA512

    901357fb30fd63e11aefd3d53e6ab4d5903dbb2320ad2e36e2ffa709661b8e0a402ea0a9e555f2aed097590f4782e5a7468cdfb1d0fe699e9c053b317affdd7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bba555c72ae483f5345359c26bd8a2dc

    SHA1

    80452ca65030b27599b8c63d451e03e73e90653c

    SHA256

    f6922552284ad134e8384002925b0e498393e926887f3df48a4e44b4fb0bb8d1

    SHA512

    8f2f62c0bded85eceeab986b4709ad4697970187f9332808fb3f6ff9c4e913401e654edde97855ccab536813c0f4fca0c28630cfe04229c12c0af024cd867cda

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab513D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5259.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar526E.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit