Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

libwingdi_...0.html

windows7-x64

1

libwingdi_...0.html

windows10-2004-x64

1

Analysis

  • max time kernel
    168s
  • max time network
    253s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18/04/2024, 00:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libwingdi_plugin.dll.svn-base?id=3053a167982e379b031fe9fbe2a1d57c23026a90.html

  • Size

    7KB

  • MD5

    3b1dedd75df186a4c0defbce6f6b4693

  • SHA1

    f9dab982ca051c2e4526cca866d5c83467d208b7

  • SHA256

    ce3de345214e5d7dcf41406aadf845357a8de67852dd725155acac6cc395c87a

  • SHA512

    7aed00c640986da3e0e29aa3d34ddf0436e6a48d63c41ae421e448cbfcf76e84b188d22f2075fc4a2883ea7c006bac8a90be3f831f6327d95f12f3ca146ae763

  • SSDEEP

    192:Z3vTPMcMHyx1OvBv/bv/dRv/+vCcv0mXHP5BxUFv/jvST/lo3fOvvhv/Jv6vgvdf:ZrPMcMHyx1yrdZ5mXHP5BxUNWT/26JVN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libwingdi_plugin.dll.svn-base_id=3053a167982e379b031fe9fbe2a1d57c23026a90.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5408473161b161d8ca61b0288b99fe30

    SHA1

    9e49216474f7288b37fdc79c76f80c785084d188

    SHA256

    bf6dbf64927a73246c6176baab6cb65f9e9687cbcc56a292a88824bcd727b954

    SHA512

    6ec851ee354536293776d410fb6229d178273c5b21feed057babe4f5fb719d1a932faa36c1659bc9932e0301e66e3031e6fe5aa269d10bc585339ad64978d6ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ba584f54e890b342142f67b82b983677

    SHA1

    7b37b48de38fda29f6a046685966645a0612b12c

    SHA256

    4fb485cc9f605fe8f600f7e956db7adcd13a02215a1442112ac6ba78fcb47099

    SHA512

    24fc7c7a0229a583398dfac8ffe91c03b2b518a9ceb12680e730091665dfc504746e9a96eb4b38724c83a4f5e356d4fcc041c48d9a2636f3b278d6733fba2606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8da9cfb9f5f266311530530dbe6eca1a

    SHA1

    a62f943d23a1ea7609a9faa0b7358253bd444675

    SHA256

    53cacb275db2277efcb97d770b71e07f0fb56b59a9199398a219769a09df1cfd

    SHA512

    b5f043bcdfa4a20c5fcc50bda8e45a9cd3b19538dc5fc5c30535159e6de4155184bfcb98e262b256915db6032c1aa96da50fabf2d3353d2026f7519188aa95a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b2867bea1329693e992004133d87fe9f

    SHA1

    609fe3bd7aac9ab2ae299bba01911a383be18639

    SHA256

    03d60ea8a0a46156edfd5b10ac923f2a8575ccd18c8e24a2186e2f0ca7dd0730

    SHA512

    128c23c21f0c4e40f05aa359bd1f283ef113db89215cd945f31bf245a1d56e32416eb884879159988d2889eb8a341adfb315477b1bef3604654fd3916aee5385

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4da37c324074d71b20ae8730bdc0d1ed

    SHA1

    c8586e2d517838199352550b093ec0400500e5d3

    SHA256

    770a5ebea81c0a9858022272813fa58d4bd1c216c01a0840c6ebc2ae68e6a5a7

    SHA512

    418f6a41460b186ded2e299010a2597d699684d7a06ddd468d8fb1b2a7d0c5dcd84e7e1e5fde4c2339dd46cbf5d86735dde14681806dfc77d47d2f999fbbe445

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    004f5270d48b662cb0ef961ffca9a1e0

    SHA1

    6ec463bc54a0a1f364f0bd36ba506723c274853f

    SHA256

    c8cd3e8d40a54007bd50ec5221f1ff5dd3cc3ed12e247ee4289ddf2486a0518c

    SHA512

    e45ea83befb0a9a8bbd411ded6e7a9b6d98d3e34cf8d5b6dbafa865c835d15c7d26796ec5d3140bf31cc8e98bca4ef0f4eabe50a89303c9e5044ae40fe715acb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    da90076d79cb8d89aa076962e2503a00

    SHA1

    3c6bffdb0e9250c23500c16f79d95fc679edf572

    SHA256

    3b01c749f1d1d383ee434a0bdabf1d5810271bce2c0aa1014d38c38598418189

    SHA512

    a9ecf30499f0c2de895e55642745c88f830d3259411bf1f87eb04f9bdd4563c3720bb2fcc96d27715afb3a8569929b6d7bc7f10357153af2d9a3d8b56bc4ad6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    21cda59ffcbdaa6073c72de24acf3b93

    SHA1

    f795a5ae36912564e2c84bd9172a9c5b43b50769

    SHA256

    587bb83b69d43e7a88d880b3af0362baa66f4c41ca2272f4dda61e31701b30e8

    SHA512

    347a39453fd9e5cdb92475a71cb99d1f19461966c317327866b09d0f34a2a24629b09921addc88daa59d67d15ff686be8b986736ea24c5d529298380e0ea107a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    afc0ec477729a6d02b8f5ca4a021cf2a

    SHA1

    11537d81f8b8621826491cdf36821b50d6f3d89b

    SHA256

    292978feb4263ffa090b6698a539cffc8d6538161b1da1027d23e2c9dd5d1b56

    SHA512

    faf7f32c93ce05ae30bf8da5dfdd026de599b22cde142c05538b15b1dd8af3205f754b0641d4888ad017f4c18e386d4a6b82d410a8f436086c07105769a984d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9ce8719c83454de33d65bd29363cffdb

    SHA1

    9cfe1b192c3bef065e394bfd6031a6fdb145fb70

    SHA256

    cd09e7809964f4b98ff5e05d92266db1c1a74138159a35fd83f5b3ce13392ff9

    SHA512

    20dfb32f5d7acc7defb7f5f4283df4e12df2c58b574fdbd562f150fb8baf96ea1b02b325bc21f1be76c9d92eec651a57c3234024bd2d6fdf8cbab1e9d97550d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    15ec018deb2c6e6b48d76d04509f0ded

    SHA1

    19fff26b7ccb9f1451c4025947421b4c47087df3

    SHA256

    0caab43e2203bd173a2dd59e0e09d6c527233f2acf70436c3b0419c7a4a1ef6a

    SHA512

    f626e40bdc5b6c5c71abd7794da501e6247623be4278cc456d6483fb3534fa2db3a9516a714749e38daf4b6652e16e61333b210b8f96c1f00c975a177869ded1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    98ac1c16eccda07ff85ecd1230a984e3

    SHA1

    9dbdc262b9236812269d22ca15aea05bcd92abcf

    SHA256

    b1ac57368e07ec0a64334c2316d02c9683261b0e3b37d65442791e9e71ff9c16

    SHA512

    f8495fd4637a3a184aca84e26a13f6bdb335a988cd09cb14e18882c9c7eb1b0b0d375ec9b556ce7e6037c4130c1df4f8b340e686c615c499f855a26dbeb6b509

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5d8b5a3163a662c4ce75dc7f2c2a8b8c

    SHA1

    b6fb0871ba403e43fc0daf03fa951bfa9402aee8

    SHA256

    3a948a945add0685717baeb92737bf0940e773e0cd99388aa165119b0901d92b

    SHA512

    935b1a6aa2e18adcd6777fc2530ac8f757547d6ba88f584dd0038968d6e1336a0656d0e830dc686f3c6be4fbe5910f3ac4fd55089422ff52240c80e33d7cfab9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fc78f2280d424040b2048ac044dc2875

    SHA1

    abbb7012672068612481c895043a9a42b1f4f146

    SHA256

    b7201ad9385be9df5b84468f31f63ad7f55e9938432cb05d6ad7352bc3c3725d

    SHA512

    5047fb750cd6195957e3c58c2597b020e003d88ca112be506d984661da02d4931a1ebfae1efefe8d6bea87005ed8097b95f90329b4c3d99e4447239aa53cb606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bf30d35a3c7acc3110f04cf04004de1a

    SHA1

    44d94f0b165d83b657e257f3a2e3dfc7bf6624eb

    SHA256

    441c75813c7b696de6cb9f585237de6b14bf78812223cf2a37a8a21f0549a8c4

    SHA512

    6edf46ddae2aa2a2a6a248ff1f0d3f4b42bdba8f3344d0b95bda1b8521458c4f42d31aa5b76d3fd13976bb390e6ca958f3dfb7f0140bc0544c858e4627bea46c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1eed8910b29e2cfe53032189639a518b

    SHA1

    2514f1db8e9cd16975e8d42c6dd9b425a9ec3b47

    SHA256

    b0bd510a70c0d27992b76cac6763ff3a5deeb02f0918ca7e45dd7d0d03989865

    SHA512

    72cd7d414e6d26ace8c51e44399f84d083aabeb6aad895aebf60a2f682bbca2b47497e91916586307998977e000718820a60cde4a26f27b4aa0a314cae395ba0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAF36.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB037.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit