Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

d6bf4b0581...8b.exe

windows7-x64

3

d6bf4b0581...8b.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DESKTOP/ԱմƷ.lnk

  • Size

    1KB

  • MD5

    3801cf5240ef322de5fb53224f763068

  • SHA1

    e4286f9b6e5986b6a237bc70fdc03e8a36287e11

  • SHA256

    23dde6d591dc39c8b7901a49ce2edbe1591ef2b68d69700a4c81fd741f2d714e

  • SHA512

    3d26058c20050e236cb78533485dc2dd02ed6be0ab7037e8eac5916b75abe189d38f57ed45899787cbe69318ec4d6763633d1a8a96600fd0b20b83aaa9f03ef4

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$DESKTOP\ԱմƷ.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2772
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.wagabb.com/taob.html?desk
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2368
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2620

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e10311cea31a000e02fd1cd11f9ea717

    SHA1

    25363cea43d4bc430704be15f0be439b939f635c

    SHA256

    76cb7b00fb29fb1922aca624127f5190d553d5db0a109d9208ff117441da5aea

    SHA512

    6b9a236d158bbb6d2cd77c3542a54776b9c24230939d41c9f502f9db564571dc8b82ef1249a04d15f58a4ecbf5059ec75b4d773fce01447232e516a65ff328c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    356a5712155220c95a298985104146f2

    SHA1

    4fa76fab387a21f37e66d3ff1fd305f074b46e36

    SHA256

    2f1c21085c0f54a4e5f6e9f372622c87b2cbdda0dcccc76c695886cbd955274d

    SHA512

    32bd50e6d831ec72a63237462d15bf5ce8acd0cd66d606874108253e75f34f9aee969dd03425f000208e2f40e9837d19e74fad974f05789439f18f2c3899ada9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae5d963b58d2216d9f717176e3331b24

    SHA1

    697910578eb3af1322862c14c2d4447d9656fd89

    SHA256

    4f7bb2f5395cfd42f8d0aafa965f008356dc0f574bc1c15f96c47bbb742b854e

    SHA512

    e93bb0fdd8a526e00f2fec3d4a0e6d4a5364d1f629f18646954d9aea600d04c170577a8ffa57754aa7328d9372f72cc5eb329a49a941a8335bf0e6170b791497

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35e5ebed95e9248cbf70d1fa0a77cb87

    SHA1

    aaae5526f0dcb9ec585822837cb9e88c9a0bdaf4

    SHA256

    915ff3a50030f75fea8652b8376b1817d38c2d72da04ae933278c586a2de0ee1

    SHA512

    65ded2e53bd71d63534c79cdcb247d44131731d2a94d2df5d5a1d1526926efbe073d5dc2d56d0e6eab13eb0bd55e2bce1db4b4d51c137a8d0e607a5357686101

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    090411a61d40c922be2db140a5239e77

    SHA1

    fa63203e69256240a4401d2d70189064689aa1a9

    SHA256

    fc10a0b77901b519bbe444467c09bfa24cd464989a78c3fb2e5703334678cd11

    SHA512

    66cc6bf7b8a035bf6f4670b5b3afc3725d0cd2edd87915511c7bf40ceec63caacb13e81d8577a0a7f812ff1e43fde09ceb19a5a0b9857931d886b464fd6ef191

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    295f03190603da79e9ccb23fc97b9c4b

    SHA1

    910f6a9656c5f08265489ce552a041ed29932d17

    SHA256

    0853aa7d53be674c442b8bd1d0c50a991c533da7f781505b2e4ab809ac95760b

    SHA512

    1bdec00411b5f4621f6b40e03ad11f5e2d17a41b85035744934378a3ab140f946c95bd591a4b0309053e33dbe76842a64d3128fc0be6eb8153773d0151600988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    496b36c6dd6389ec264c9999ede4a53c

    SHA1

    c0a214f00062b71cddbba0a07fd544d64d2af4d9

    SHA256

    c34ca8231c0fbf9893189471126b9f722857866efd7d83606fdb0a6706971d17

    SHA512

    1952d93b0cc7787fa767801cfa34bb9ccc7d71c738f05530a49ac33c8ea6526b164c8a135c73f179f4095825e54592fa04bea1c7e1c55837dc9c2732496a5b67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32c18a297721c26585c2e77737842848

    SHA1

    f87d780f7a9c9af5e140f9d84c55955a31beec19

    SHA256

    f6d83fa8e8c28c84b7bfa2e0c988734b7b32a80a9fd85134b593cd878911fd29

    SHA512

    ce31825bc6c2142c80003818111ff206ba12b26f1854ff08dc5b80dbd572a6c53b329aba8910505eb047ff02c404fcf809e31bc4dbe1ce8da76bf1fc675f696c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC37F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC636.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit