Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/05/2024, 09:40

General

  • Target

    编程助手2.5/9553绿色软件站.htm

  • Size

    861B

  • MD5

    03033cdf475f981a1777c0fef43f8700

  • SHA1

    8ba65dc9adaf9fdcaf86efddc4c626e2cf26668e

  • SHA256

    89439c037b34a0511f794c1f98e8a52a64910dfb8faa93e62522b83a98b327e9

  • SHA512

    edb1b1a710733a2eb236e2d2920884754f88846fac4e6bde1fcf98d719db1211eb9b9f4ee18a560e9a7243b7caabccbe642fb8e02db4fd62c6d7b059717d35f1

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2360, depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\编程助手2.5\9553绿色软件站.htm
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2092, depth 2, child of PID 2360)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Downloads
