Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/05/2024, 09:40

General

  • Target

    9553绿色软件站.htm

  • Size

    861B

  • MD5

    03033cdf475f981a1777c0fef43f8700

  • SHA1

    8ba65dc9adaf9fdcaf86efddc4c626e2cf26668e

  • SHA256

    89439c037b34a0511f794c1f98e8a52a64910dfb8faa93e62522b83a98b327e9

  • SHA512

    edb1b1a710733a2eb236e2d2920884754f88846fac4e6bde1fcf98d719db1211eb9b9f4ee18a560e9a7243b7caabccbe642fb8e02db4fd62c6d7b059717d35f1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9553绿色软件站.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

MITRE ATT&CK Enterprise v15

Downloads
