Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://softeu.net

windows7-x64

Resubmissions

29/03/2024, 11:14

240329-ncb4jsfe4s 7

29/03/2024, 11:12

240329-na4qsafe2t 7

29/03/2024, 11:10

240329-m9pv8sgc57 7

29/03/2024, 11:06

240329-m7qpragc27 7

29/03/2024, 11:05

240329-m6zk9sfd41 1

29/03/2024, 11:02

240329-m5hw5afd3s 1

29/03/2024, 11:02

240329-m49nfsfd2y 1

29/03/2024, 11:01

240329-m4mtpafc8z 1

29/03/2024, 11:00

240329-m37gpsgb55 1

Analysis

  • max time kernel
    14s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/03/2024, 11:00

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    http://softeu.net

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://softeu.net
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1720
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x0
    1⤵
      PID:2068
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x1
      1⤵
        PID:2176

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
        Filesize

        68KB

        MD5

        29f65ba8e88c063813cc50a4ea544e93

        SHA1

        05a7040d5c127e68c25d81cc51271ffb8bef3568

        SHA256

        1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

        SHA512

        e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
        Filesize

        344B

        MD5

        a5031af44893417e74ee52561ad3f171

        SHA1

        41e23ee73f499137a3a5132448b0d5b804e58f60

        SHA256

        7f2a1c45b0947465c09bd2fd854d50adab9934ac555b6cfbe3e432b44c3fcce7

        SHA512

        a74cbb29857dfd6458d38aea97d279a64f5b860ac4f0a806efd3af4dff7238f5d9bea277ad8fd3d372d7be24d1f0a9a4682f7b48422be38ad476b5673bf67307

        Download Submit

      • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\N4X2BOOM\www.softeu[1].xml
        Filesize

        13B

        MD5

        c1ddea3ef6bbef3e7060a1a9ad89e4c5

        SHA1

        35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

        SHA256

        b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

        SHA512

        6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Cab84AC.tmp
        Filesize

        65KB

        MD5

        ac05d27423a85adc1622c714f2cb6184

        SHA1

        b0fe2b1abddb97837ea0195be70ab2ff14d43198

        SHA256

        c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

        SHA512

        6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Tar84AF.tmp
        Filesize

        171KB

        MD5

        9c0c641c06238516f27941aa1166d427

        SHA1

        64cd549fb8cf014fcd9312aa7a5b023847b6c977

        SHA256

        4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

        SHA512

        936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        Download Submit

      • memory/2068-200-0x0000000002A80000-0x0000000002A81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-207-0x00000000027E0000-0x00000000027E1000-memory.dmp

        Filesize

        4KB

        Download