Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

e40cc6f16d...cs.exe

windows7-x64

3

e40cc6f16d...cs.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

agents.dll

windows7-x64

3

agents.dll

windows10-2004-x64

3

atl90.dll

windows7-x64

1

atl90.dll

windows10-2004-x64

1

audio.dll

windows7-x64

3

audio.dll

windows10-2004-x64

3

core.dll

windows7-x64

3

core.dll

windows10-2004-x64

3

defaultUrl...s.html

windows7-x64

1

defaultUrl...s.html

windows10-2004-x64

1

defaultUrl...s.html

windows7-x64

1

defaultUrl...s.html

windows10-2004-x64

1

defaultUrl...s.html

windows7-x64

1

defaultUrl...s.html

windows10-2004-x64

1

defaultUrl..._.html

windows7-x64

1

defaultUrl..._.html

windows10-2004-x64

1

fileclient.dll

windows7-x64

3

fileclient.dll

windows10-2004-x64

3

flui.dll

windows7-x64

1

flui.dll

windows10-2004-x64

1

los.dll

windows7-x64

3

los.dll

windows10-2004-x64

3

lregistry.dll

windows7-x64

3

lregistry.dll

windows10-2004-x64

3

lstart.exe

windows7-x64

1

lstart.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    16/05/2024, 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    defaultUrl/teachservices_.html

  • Size

    17KB

  • MD5

    a0b6f2fbaf8095f407b0b2530d0524a4

  • SHA1

    d2f9ce10a886a7755f8b3ccdac91bdf1a629e48e

  • SHA256

    db015f8f3715451c02a5ec385dc95e6297592740e04dfb7505137a8db6174103

  • SHA512

    b87e2725c297f9a19fe8e616deadb7352ed638d5cbc3a92a56b58fb11827f75dd2f3e3cc14939fe0856b073fdf66cd53f09c8e417e63858c3e2b2dc8f6db0df6

  • SSDEEP

    384:SIo5mZSzhNLoXOLoOCLoBMLokzAPTH+LoZzl5VgQFvpMQFzP2wQFK6SQFEcjQFbv:SnR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\defaultUrl\teachservices_.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4035504ca2b3dfeab56e1784ffb0cdb

    SHA1

    0afc8e95fea1e46a3708061e32191d710c96232a

    SHA256

    a645c77acc44d80d517fcfb299314c3790eaf749ac1ad88daf7e6615d89b2b4e

    SHA512

    a052e1c410b23dd1c2cabd95cb119fd14ccbcf71280b1ae397d247925f75f3da88533ef17dfed8efbebd7ed396d4b02e842feff4136ff447965c37e980cfdab9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0284d44f604915f139536b2d50ffcdc4

    SHA1

    c8a49d437af6109d1fe96404fc42dc719d126dee

    SHA256

    30d2da8d013f88f2bb366def57800f53ddb3561c71174bee132c10cfd5f0e639

    SHA512

    87a6d747a9792ba9bcf06a8f4f0f256d4bc0898e21ba73102b193f371128ac1ac936e03bfb01536e94b4407308a98728579b0669497c34c4b42a72e3e65d0e95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41ef696b77b4f7014e5255b462aaaba1

    SHA1

    e1dd598384d0c9c5d44070d381235435ae9776e8

    SHA256

    ed0f3f6ee26e50e8caf820ab9bb066366e4e96137b62d68e31bf617fbb456fa5

    SHA512

    3420ea887892eafaf9a636ef34551ec9f9cbbbbd9359c4e0b01925e0edf8e89eb4e1494725d50a3fd8e51f460067a4be5d9fbcb883ccb163f39c439d5bc84bb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0de28937c1f7f175785aa7a263da847

    SHA1

    e150393f6af9bdac3ecb09c16d956f60ce5222ca

    SHA256

    a369d9d8593a7d470d8c1698017d426bbf5309bc810a467c73cafcac47236019

    SHA512

    943500a4634341cbb44a5e95a707f0bec7d709e71b7b365b6dbdc745da25421ba8164d8ca639a141a2f1f018af6aa9b26149150687b37a5ce7482fee95d88205

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3bcdc70865e387678e276008868d67c4

    SHA1

    85b62c6e06f2a2ebd135636c33fbd1f1053ab3ce

    SHA256

    d65b7f37d19c8db44d991352985163ff36fc7893b640a0864a90c627106b5c11

    SHA512

    c4d7efeb7b3976189d45b8376aa9afc763518c8637d6b8952ca97e4713657bc76fffb4f9da6afad904499eab2f73a49cfeec8f1a45c6e3dbae4e2ae887d4d2fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcb63c25c8336432626220f6dee6576d

    SHA1

    84d56d4971ae5bb75c28f73b7a3029d425fab23f

    SHA256

    961eb238d67a215eec94e2cb82faae0dd942261d4a28bafeed1d038f8d045bb9

    SHA512

    25830562e85bdd9179d4e0986fe58dde310cda722c0db0be5e386591491665f7e59ed843bc2538b962c62db80cd8d705ccaee8ce9222808565c48fd19b928c88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    894be426a52701739ab464b0a6cd7369

    SHA1

    642a076e3df7d62d32bf681934c4796b7dddf19b

    SHA256

    5f5e463cfdd8f735f123eaa80fce9d9ad601937622a104a8d507f4217cf4a0a9

    SHA512

    8bf4473a6be23d7866651eaab160ae77d6ea10dcfb860316b671ba02c221d6f340a5e04ebd34d05ed0a088cad53f1ae39da2e5bffe90ef4a2a2e62b49e8e5eae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1f7244b6c1ab6254adf1e78f3c9c24b

    SHA1

    317e8b74e80778b3507458cada7860d5191eeb4e

    SHA256

    a06a5458604d3bc4ad33424ed518debf0e5eefe835391b315b382f918670143b

    SHA512

    74ef2837cf980ea3952d0e510b5857378cea4b65988797caad958df04a57791d0a12aa7f757da20fe8e1ce6016726900b95431fd010b2ca5f2577857cc97999f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4792a72a349cd3f4a059c514233a57d

    SHA1

    1d0a1c2918d8ab94a21dc9d32c4f77386cd45e45

    SHA256

    4ef9ae6144db74cef995b8754ee929782ac8c15ce3c6dd5f9b9e803d751b742d

    SHA512

    a8415e2946563ba26957ff6bdc83e27f182ea7468ff1d288b96cf6c00af958b41c30248af65ac18e6e9352184936db14590a33677743717d0957c37a123bf469

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7a9f20a3a2da801e10141c0ca6317ef

    SHA1

    b7f35550538b8f113d1586c1770b05f936f2a0a2

    SHA256

    0f57c5f2d37dc931a5ed131925b0c7f111bac78c580b04a27cb299d46c91a3da

    SHA512

    0e4256883315c3376a5b98771127cb1d9a01e1dff3bca45a6779d6af3552a6c847040116c6c35f1b980f67a7aa608113138dc34262debbfb17bbd33567cb4022

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    050603d6a57673a5745820404da0087c

    SHA1

    ac8a5ea5de368b5bf8cdce48782391f0b1468e1e

    SHA256

    b37f0e68fcee67ba0887f83e99796d6c871f33c2ac4fb72daa51031ba714ac58

    SHA512

    398d3b382e29313eac685ee4d5f45d469dd61f85d8f18f13c9b32badba3a549b45bca4520a7447e76110462a50ee7d6ad0a15878064d82bb699e1348df37ce4b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4119.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4198.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit