Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

libvmem_pl...1.html

windows7-x64

1

libvmem_pl...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/04/2024, 11:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libvmem_plugin.dll.svn-base?id=e3b43bd36fd50840467669364014ee53553872c1.html

  • Size

    210KB

  • MD5

    988f39cb39154eb876ac4622f32f59f1

  • SHA1

    9717db13e3946eecbc1d64e61caa03f082073334

  • SHA256

    6a8a0a688fc5a7d7fdd827da9a22fc6b3673c398d634d3d81f625727ab181a1d

  • SHA512

    5c12e5290363915442b86f7f493d2e7c71e05c7fab099d948c1adef7f2e74bc47027381892dd76bd68a9202c4761d1b48a371bf9e4bb8c7112d12235658a9dab

  • SSDEEP

    1536:Eh/ALYLZjH1Jx1Mlgl/uLomKvPJzN+u2HEa3gl1N8RkIE8B:Eh/ALYLyfsxdofP3SN8yw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libvmem_plugin.dll.svn-base_id=e3b43bd36fd50840467669364014ee53553872c1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    385a46e9000ba44836affe36da68b1b5

    SHA1

    f6ca0e1bcb40df87cfca6f7fed716c54253d1426

    SHA256

    ef4a584886a2a3e25b2726f36f41d89bfc9ed69701d4d9f17c44c8c876dc66c0

    SHA512

    bb75a87fd0c14badd0d02058992a51495c0a945ede460225841e8bc03de7efc354c7bf238b412a49fbcb6c13638b87f975f9772504b86c61e500e88151f32777

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    790b0f5854ffb7379d9a65b9e6e59ced

    SHA1

    181d50ec403841237d78ac93a7eb02512944aca6

    SHA256

    579bdb06cbb114fb94d28f77c482aad879619cfc91a888c7cbb2488e1b5580a6

    SHA512

    1be8c6b920828462a79f8253b9009dc8f0c95a132c79a41aacd1226dbb2199679ba3f4e27195c18ad665621c181f5666312b8d15e7893a0f7686fc6eefd8db5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57ea7a2a565afaa8089ccc3b407d027f

    SHA1

    a91c8d2f1428d8ecbced04535114df10a0232202

    SHA256

    0c9dc4d78c4843fb7eecfdac90083daff468fb51f833555a5f954b6fa6e93a6f

    SHA512

    c7457ade4157ab717339115c49b5b5d219a130abf5c0f0b40bf709955f2432907de711a9aafde20914757028eb37a75716df60f04dee15ae9f0af72284a80349

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dee713226a037f09d74779fa00a23be6

    SHA1

    e0fbaac54d667b5df268887d55120ca7b2044498

    SHA256

    900d8be0d472f081db516b6c5b49eefafb594a329644bccf92a5e3d7a373998e

    SHA512

    d9f29ea7a209b668ae746474f50950bcea3a395bb9e02ec16e40cddcb112c499e62e7846f1b14cc123243699bab8551fd223b5fb3de71491231a057eb27bc28c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4eadfee2aae056696e954851bade4b63

    SHA1

    6d3424558f05a8ffe48c0c204f039e6374a512bc

    SHA256

    28b72f0fd709ddc18a7d3b9ff81cb35c7496ca483b3199758f9318de64565fe9

    SHA512

    cc915ea3f2db7d1a770326ba725d32ec64499bab02e19ba96d9197e23a172560c858b567d927690689570eeadf140664efc994807cf02f219d83f200c7da54a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bde95155124ea6d2f651ec7baf67183e

    SHA1

    584114fb5ce52e4166084ac8ad082fb3450129cf

    SHA256

    09010792324ef5260644168e13c72d44fea3fa9b62b6bd237d9512c9fabc1d74

    SHA512

    1e3eea6cb315408b4c67e341af022b821ea304ae2d25dba685e186078fbbc5b4c9718c38835b5610e76a31a848cb4f30e51a96309f51be30575944838564b941

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30a9bdad5b9511da1fda070af3d40231

    SHA1

    f6d0b92cded873a013b5266c0f769f494639e9be

    SHA256

    0c2053f75aaf3d5989a08168996a7d4c4021ecacd0d927e812d9ce09718cc210

    SHA512

    59b003a31c68df01940b7ca2f23921fd929f9ebea093140589ee5ca077f8542f39e4a82ed331e8e29d5c6f2babd350b5dd01576bde9da6ab521253d84c4aa4f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    030719a8609a4ff923d980f4aeca2232

    SHA1

    23e363b97a03d3933eb2e079b37ba8790b563671

    SHA256

    4536a0baffce2896b5fc414fede1e2eb0e8e454d86702c5bc7c603ac04fc41bd

    SHA512

    2e26981446a061c694f520ada5c331dd0d32ed00ddea4e22a981cd8020fc9d0899dba8705045731e463a72ce1de78e5d9ac1b0aed60ddc4b7d9146147f14ee26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65db082938567866a2065a7d7d9f411a

    SHA1

    42a5d539bef24b4bf35d8e25fee023c6d0a7a2cb

    SHA256

    82dbfbe06b9afe6b818657e5ca400880d010e06592867865d796d48e4f883744

    SHA512

    3bad09ae49a11affbabdfc4183b901806fe3eb194d98085cac2f2b881ceedf4d4a4086752974d4cd0562feece34d8bfb085d3f49da438a76a721db57048d72a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17260d6c3ece60e1e0bafec4e86f8583

    SHA1

    4c1c3f469b99180580251dcfc0fecc2bf32162cb

    SHA256

    6755b1d723b3a7fbbad9dadbd1551efba672fc7b49b16aff2f11873a0982b0de

    SHA512

    09a536ec0e2593369a539daf46d32ba27d12d8551fbc7fcc5fc280007cb213fc075a0f11f4e0b3f2d5c30bf1121351146891116c04f871c8d2cf11c46f4b8550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00cfb9f12acc08cc7192b0d6db009cef

    SHA1

    0d0553076b0c64b3629299fd6400bea43da819cd

    SHA256

    1feaf6d6f2c4ad291c3b24f735bd5f992382d7498a513bae6d3093f16711e6aa

    SHA512

    0218230e4a3b99465413342e602ff4cd8169f56bbfd263fec1c0b956aa9edc46bd668d1e78736db021b3629f376a6f1c83cd60fb3e6bf880cad4278d648dc840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df329ce744898e28a855f65a31100dd5

    SHA1

    792362f0f9c1b26351c648851e0354ac07d64058

    SHA256

    15ac570918c8d65972478ec58b7ebb0ea322dd18a7887dbfc48c57b6e81d3675

    SHA512

    e176f16244c1483d8afacaa2da9c937b1418f5186500bc96a91145f47af1a68911b38fc72360f2d12691dd764c8772aba16bd1ee7dc720b9cce99585eaaba383

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7d9b309e2c42345fb47553de2d1cb2c

    SHA1

    6ee548ee09e078b3e7e64333b5a62617de4f3c4f

    SHA256

    6c5414ac5d71fd6fa3420ca822a54d5b97684677b21e4baaac87aa96506b8612

    SHA512

    08473785c899fbfb1ddd181d0f8f4fe3f0a6bf26d9396ccaaa77d1d0bdbb0f8b2d100972c36d17a10ad52629622ad2615833f76490293bb821d664584a1efc7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9cee2c4210438f3990837c5cdca9d3e

    SHA1

    b51174f6d4fbae6010ff5bac2a504b1619fcd7bf

    SHA256

    045db1119996f98b8d9659524b4d39084666c319060847c820efb507c2855d65

    SHA512

    cf403aa55e12e7aa1344b95daa247e6047884f426f3d4bcf0b4f96a5e09e6413324f5208aafb5873dee2b752543fc4f4dd1e894bd536e26c2f935e69123fd190

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    433f22f586153cc492c3b0ed1dd1889b

    SHA1

    d71fd96132f4cf968e77ab7005f0b39a698dee2d

    SHA256

    8c299ca59c21ca48287b3a66f41a8562d19ea008d0daf388a332cf1ad29a3ce7

    SHA512

    0a88ec329594c7dc976e86a1acf1faf9fcf1e4432b4f1f202f8bec7c62e3c523da3552e7826c658753f376acce11af9fa3bffbccfe0714d3222c59206bb4109f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abfb5e58733e9aa8da45c4e4ec186f69

    SHA1

    0308e5532323f68b918004fe7149f65bc0b83572

    SHA256

    60d991482252ae9fda971bc6ba074f8b12082965d15214b1ab77444cd57806a9

    SHA512

    9c6cf6ccb472f59ef1eb702dbce302044f2ba2a470d2266328f1fd44c11767aca02767fdc57c8bd3f4e4ac36ba81dcae294f94b6bbafac03a0e467ab70ed9913

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6C3C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8E7F.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar91AF.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit