Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

e40cc6f16d...cs.exe

windows7-x64

3

e40cc6f16d...cs.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

agents.dll

windows7-x64

3

agents.dll

windows10-2004-x64

3

atl90.dll

windows7-x64

1

atl90.dll

windows10-2004-x64

1

audio.dll

windows7-x64

3

audio.dll

windows10-2004-x64

3

core.dll

windows7-x64

3

core.dll

windows10-2004-x64

3

defaultUrl...s.html

windows7-x64

1

defaultUrl...s.html

windows10-2004-x64

1

defaultUrl...s.html

windows7-x64

1

defaultUrl...s.html

windows10-2004-x64

1

defaultUrl...s.html

windows7-x64

1

defaultUrl...s.html

windows10-2004-x64

1

defaultUrl..._.html

windows7-x64

1

defaultUrl..._.html

windows10-2004-x64

1

fileclient.dll

windows7-x64

3

fileclient.dll

windows10-2004-x64

3

flui.dll

windows7-x64

1

flui.dll

windows10-2004-x64

1

los.dll

windows7-x64

3

los.dll

windows10-2004-x64

3

lregistry.dll

windows7-x64

3

lregistry.dll

windows10-2004-x64

3

lstart.exe

windows7-x64

1

lstart.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    16/05/2024, 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    defaultUrl/teachingres.html

  • Size

    11KB

  • MD5

    9b3210b89be540580aabbb09c3d21314

  • SHA1

    5f19b0fbfea2638be25220aedfd82848068d388f

  • SHA256

    dd03b9fe11bb200cd382b61643bd7ec8e580887d5470ebea93dd4ef55507467e

  • SHA512

    442c083ef2e8e7e1e8691bb1f942edabd9c3e355bc9ea6084ea8738e8d4bc6b2bea08593a325771854fa5773f001934fa57196b05e79470bc11095596b531db5

  • SSDEEP

    192:SuyU/YLXwVhg0Rvv2pLodJ7jtQI6VDf+Jp9dea:SuP35qLot5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\defaultUrl\teachingres.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21f4ce6b0c2fa6416a1295303cc09308

    SHA1

    4d91d46aaee44d25db0458e644021c3170996ad0

    SHA256

    4a91f9c4b36e4056e456b846b1a45e54ec63dc87389bc83a7d198f8191683e5a

    SHA512

    c4d40b33253bb78ebbc783960db1e23f208a97975d2e81e0cfd9e9ce68d5159b412d797c4426706adf0da8c6fcfb91d9f9969ead6ca21e4354aaccbc609eb4cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4efff3ac517609c0ad7135a17e081e7d

    SHA1

    36443c73aae5b36735cbb46b569213663cd7f9c4

    SHA256

    dd68b22e5a9e11fb93aeb5b46f3873f9750e5c61f5b1f96bf5e0097cd2a8daf0

    SHA512

    a4949773a242655c11b46e41db7c541d56113dbd551c6a84addd8c93d0a9d6f45b2e66445b0428f8721458516bbdf1b683f6c5ee7bf58da18233e7d6daa07d01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    841bff524160048f5fb8a55607008697

    SHA1

    91f7441374876c0d9583e21ffedf74dd65037801

    SHA256

    a25eb3e4b54cba11a4884440e29b774c34c8206e7f9de2a84ee0c367bdb6bfbd

    SHA512

    74f07a54b06c811b4bd0f6cd77a462ed91e016336a096a7031c69169738a52863e9873f16de199dea286d24ef59c3b1b4f70cdf00b697a91bb5ddce22f1ac96e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    475721703b141ba4d1e4b92481d3cdba

    SHA1

    9983104fd6fcf8367d515c7ec1e42bbaec69f9cc

    SHA256

    980b9558cb7f2152d6a5d9f16ef2611a1b80170c2b85ec9f2045a22d19fc7ee5

    SHA512

    4069ee8f99e284eb00cdb84a2ac1c5836fd38a989b50b49d5529e81e7cdeb19364f3260e013d61092f02905f2345a45031d36b677a3cb94af2c55c4087ab70c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8711b8cb14ad3214ae324193c134476e

    SHA1

    9adbe73456ffecb24406f27a23b90f64e5d54bb6

    SHA256

    0e75528606d9fed2e5f643d731852df7f3471ce3e96e4f1750fb6e3370da120e

    SHA512

    c03171fe27440564358735a012ee0f9c0fed13c1d9ceec064cc7684fb37e342d08570b0e3dd2e10fca80628c725dad97e70d85d6a7820c0c6e366d7ad8fbdb9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2659d6db2c1a4d4baadec2f33f2a8b27

    SHA1

    405e82512be8c4064fd3ec83e4a3cd40bcd5fece

    SHA256

    4d2647b5cfba09f9a380c919cebff2666daf63a804cb4628300d026bcc62db30

    SHA512

    1f412c218756c42ecdade40244c596dd79b569be0840930655e3038120a355c97fcc88cbf6f4bc14b773343c636d3bd338a8228ac0027a4368a7bc5f6bbf6b17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ced904e1861fe2e9c08f78595b63855d

    SHA1

    273d4f34ee6698a3e6803519b4d83f4c7999ff6a

    SHA256

    a7ca6a40379f75b074e45ef0393c077166e89dc6f40d12968b4422fcee6cb6bc

    SHA512

    cc9880af8fcb62b5562956efd18d4d780127d7417c26e1045d226897041d04d46c8388e298828b3f2159ba59d295da6aa2f5c11aa62c55c8adaf2e62cde57243

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b70b220d09578c10de18a4bacec630e

    SHA1

    18311a7c2b0d9caa35a416761f887588aac9c3a8

    SHA256

    47a2dd9cb65937fe2ae4a886f77e37707e823168d7c67e4a803baa55361543ec

    SHA512

    40d6f813e7e939d11ff01a2abc10af347cc9d651db4d53764ba00d0a28c255f8aa06097278bf63f8ac0ee0e9bc06d62e9aa2713890e5f061d334ed225a6392ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fc6bc61490ff7c716c0ae94014bbe7f

    SHA1

    78ea9bc9399dbd97d498a6d39062b9f9ca08a654

    SHA256

    73cd4737daea4199aa93cbbe65b0d021a43dbac122b5a216bd62f12a392f0efa

    SHA512

    a100c2c840c31d34f56af323fb790c7b7ac2061a2c042857fb0450a70aad69b5b326efe8bfde3e3689381ff25111bb4e7b8c25082405710d6c86465f914459df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e78f97a264d965722a406c805d20155

    SHA1

    ecf0ff8c626afc7e37a78d41c6bc65adbf5a1ab1

    SHA256

    4d3659c5ba0752bc0212dd7771f1dfa63b0d14b24d72615d42ba01de4d065d61

    SHA512

    44229882e55f1fd750a9fa203c40bb2c87872200eea77e77ccc56e53de81be470063ac04b34288c8d0571cc5126da682150aeb267ee8e7180774d8d86dd7e564

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a5e039d6a7bc9d5a7a8522b146683ce

    SHA1

    53414e78b9057906556b1e070cbda0ff4e660912

    SHA256

    0dbcd39d3802e97f2c383256b13c60eb966e4a1d2c1b9a7cdbfa3a512548a5e5

    SHA512

    9cb3e92ddf13744eb65644e482f5aa24da5c610affa6db686794c3d19f35b1d89c1e1997a8867b7728bd5134da552b9c814aee917664979844a386e36eb9b689

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c828c3536e70aafad096058ded2c492f

    SHA1

    44610fab3548876e83ec395c66f6e6feb8fd8297

    SHA256

    fcd8e1176e848e49bddc0c10a5bd975ef2b73b8dcc69ea44dd54bb5eecc27ad3

    SHA512

    d360a6c2e78c9d7c2a1ab03ee085451b307aa4b898858416c5d1a31cf242cc1133b8ac69fc733b38291b1690ece4f21411c2a6e1c2f2df9f9f3b78f2685d516e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c58e866af4613210754e367601dc4b05

    SHA1

    5d5301aa05c19d03d290c6d332fdf066de10a333

    SHA256

    5514ed792300f57102bf9c44851908024043df544099adeec9cb615c6a47024c

    SHA512

    b4bdaad416691642a67e46a5b1ac9152ffdb9a036e539b2716ed79f30556694059fc520ee94a24495ac86c512b34733c26a510f08310ee1f096038a2cb641947

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aaa32873067787864642deb9c94564ea

    SHA1

    c55166b40ac7b160ccaccf79e5e85c5cd2ba0ff3

    SHA256

    89d75b51c8f2f41c235861bd5f287b70180d17c3d6b91a68c5d287af6d62ec36

    SHA512

    f5e3cbb77aa7032cf3fab1929e0fafa358c9b83dc6d1965241ec3b2ce4244e85e40115535d191c4cd2c08ae6a67b52e3f855a5eeb1ce96a4715099d79cb39977

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9b3b629d416e3cc9851f1485a12230c

    SHA1

    c64f3ed90693f425fae42d7292f2775a0f1c335b

    SHA256

    a1b4640958ed5c39d9ec26cefc17f53cd1af8d24107b0c31e9c918ba6fb245a5

    SHA512

    3c9a671ce9d3a32d44c4290f6f36f077f07552d797325dcb35c3195dfc1269639a1ed2df708b5a7a03271de3fbb0cf08acf2dd29d2793801b11bc69131f4c399

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33a819116715050f3be35fe9ebc5ced1

    SHA1

    115801513e43352dc454f3b20c4dc6da6fbe798f

    SHA256

    242f2160d059cd50cdc59a098d3db34e8e574bc1c15f2c5dccc30cd1b8feabfb

    SHA512

    01fec41b356a84218d2cb54db1511a9698ab1621f4c81b8fe174f539a0e53e842fea0aa75cdf015f2f50ebfa7f4099e47b6153b3f267e419831638b109e9888e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6057cd90d7b017f2ec26b20920b7cb04

    SHA1

    57a35acd761c1eaf1422aed2dc842c3b609df7e2

    SHA256

    e55cb241d6b4306e61f58a71fe5c96d4ad311e4dfb0ed19b3605c961ea38b7c0

    SHA512

    70ec2523fd143df04189cb9fe534f3a723eb8d4e21ce40865edb6d2b95b0cc7cd4feddb897853f69d970c682db85ceb78105d3cef7bef03756e033dff604b616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b43ce52c5e579702f41c3733821f5a6

    SHA1

    516255633efe47b25c70e3a82d415e06fac3e396

    SHA256

    7394013942671427d38cc9d6368b4ce2a8eebc0ef56d2d796188136ec23e74ed

    SHA512

    66de1f64d4187196c660445badf64a04cdcb8c0c9eb70c008832975b70d9d4469d6160b5627a1b82d70702e2ac4b526298bf26fc65b795293e2bac13d2d65efd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9134e255e9540e074d3abf261786239e

    SHA1

    0d06389353b4ae8dbefb29d786d544584fd43779

    SHA256

    965ad0b8c0d80a1fc56922931420701a68614549bb73d41651033a4043e90a7a

    SHA512

    22150a6fd6b2954c88c001adf5062146acee8c3bec1d4acc5e9e4142b336a38cd51a56e74cac762be0b24c6b144d300851588c78b1c32008ce903d8b73804057

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2F7C.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2FEC.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit