Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17/05/2024, 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/error/index.html

  • Size

    19B

  • MD5

    77e7562bb761bf92388be0d513da5818

  • SHA1

    430a26c2ba4865d98719bdaeb920f9c54ec7d848

  • SHA256

    968b4bcd53cf6cce8c678329ec2a8a45e9f347e156113cd43c2cb17ff8602273

  • SHA512

    9dcf3a311b208622e2e5ad2ce6d20b7b3fda6a9e94083d75b77384ff96e457b9506caf6e5d38a4847642a49385acd5503052200cb615be0b5aa4ccb4685a65d0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\error\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13de2b7c49c53b02c283c297abfc6855

    SHA1

    d55a88a3c2445a5ac9e811681b35d672dd5813ef

    SHA256

    e23b2809ed9b05d7d8dc99bd50052245aa3906b96eadd96ebe9dd4a9c1a31905

    SHA512

    b30fab6db18abf30eb64fc5e883c33980c8620d488db5066dafe6ad6403c6a9a0085258ee7993bb7c91d57b59616995395f64b34fd4efcade27efd92b5da1098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a531ce9e766ac2b2e384dc0bb6dc0aa3

    SHA1

    f5729d92fef54a4c6c9e507b1b2922a6a9054b74

    SHA256

    655e1d25bfe686439f1233e955a2e0d1ff0a141664d1d4600ae7b6ab90040e8d

    SHA512

    a90fe8bb7702b32a3a1fafd481d14a9557c0f43e24cfb21ce074824aa9692baa96944ef6c26611cedc4e505826d4378303dbfcb4734af2b76c43b20d7922107b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d012094c544e67901b24b21ce455da7

    SHA1

    64284a2df6a3f33ff0245192619184d86a43f640

    SHA256

    3d504113948a03d0a004c2cb625c8dab182bcdcb0947ba4611a7a93fc5fa86ae

    SHA512

    1fb3dc342a66c041acbaa999b2b9c91ecf97b74f86619efd262bc59de7ceb12915bcad194be90947462e34942adb8d58181ac099258a200cb1106134de8913cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d53744374fa619bca135ea20f66254ea

    SHA1

    25ebdd98c3c2408229c9c60cf02b52b5aa9a4915

    SHA256

    9e8573710beaa1d375638356f1b025e1e040163f89c30e9afd6441de75faf620

    SHA512

    7838310401199ae1a6e6545dfd3bb49801725a695843bc8c761e825c1e9c2582bedf93532d2160f8b43d3a5f6515f57d1a4b48dab08301138e704efa6b0ba6fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10f683b5a72565c420f847f3c8d6e07a

    SHA1

    d3f345fa287f4a83db468121f5addbd7177b4a70

    SHA256

    48a2e88f37a46acfc3b5db8d9660553e006304072297273dd957658d996409de

    SHA512

    686e04e9e095d213b8c06df6ba26741d43c1e6db5cdd5a11f0db6eb18c45c58e8e68ab66ab818fd0f40348ea68cc4e6f8db3aa1b2b8abbfd4f905f8fdfaa812c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a518f84e3bbef7d5d8694f9255f89f2

    SHA1

    b4ce8c7061e57887f9571246259bfb44c738aa63

    SHA256

    47d962e63ae2444a5810f01f4cd6484a2bc26d508e40282c8dc0645db74aa348

    SHA512

    c82f25b4a5d0ecbeae100845312c9c4657b58a19e570f608e1f047d61b3edeab9589608f09931899557cb8126f42f5336b593d891e179f00e5d0e12994eaa6da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d40ee87ad41033f4bc5bd655b66d54c

    SHA1

    ef3f7c499306bfb39284313d06f7b4611405e316

    SHA256

    649a00a2d264c23ae0de11e09e5b477788994abc995b408fdf09a72dc6ec0b1c

    SHA512

    4ee987494f59654ba5ab57740abd295b85a33e97aa4e71e5917cba8971e3190d0cc751b37e306a73ae81878922caf6572b4aae2b9cc698771e89dbb68a80a821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0ddc2851aaac418f3971bcb7adc8f09

    SHA1

    6416c744b8146ec4e7d2a352adb26704e6260614

    SHA256

    d258a9d6eb6fe3cdafbe45de116ec829fdc880343deed6e375811f8b719c73bb

    SHA512

    c08e982fb4eea4200cc83308065fbb4f00cf2a974024993ffc3ec4a48c1ba620e4e800c80d7954cbfc186e96446d1786f4a98f029e16117d9303dc53f1c23aa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff27c1d9c1a0766d22553ac54f440ee1

    SHA1

    b821f17f35d65782b91ffbdd762e40a54488c19c

    SHA256

    38df80fd96fef693256a58f78f178cc27901f113e6df304fb0660334ba291448

    SHA512

    5c99341159d94f834405cb8a3c4944881cd58ebe83cc0c3078055a8d914e6708eb9fa236e8c395c43a04a497e8ab104ad33c59787920e107ea75a7ae5d652678

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fe50aab7448d0532578d172b972d4c5

    SHA1

    1e93ad18a2b82a6cc0fbc1b5417e258c2705eea2

    SHA256

    88a49a327074bade792d4a06975eeef2444be2d564be4a6fec361012ced877af

    SHA512

    183c1e4ff7dfab97c6eda76a4dfac02eea6331b5bdecde888953243805755fd59335b9f8120351c7425137f1ef6a44d421108a36e31ee633f385c649883274dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d06f4f257e2de251316479f421154ce3

    SHA1

    c9a037d582595d0fa08367dc1d98d52a3fb472bf

    SHA256

    0dde51953eb869cde3e71f4b4e701e46a79b8fc849f772ff8c7dc610d4c4c294

    SHA512

    114297853a8c21508ab204d803abc84a16fb58dd6331a0de8867eef686e9f743bae2a989f42785488bf0cd9aca7ff0ead70138e84579616288d3871d10d9e6ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    618969e806609ce9ce84ebe5237485fb

    SHA1

    4f3c2ffd2f9c503a80fbb215b2b54a7ac93e68b9

    SHA256

    55a945a24634510c5dd07a6a86f55b60d8655f988f576844e5afeb9e1bdeac74

    SHA512

    afe3d062944e2243d8a37229c99a1e78572e3f0a88a2f0960f67be5d85d047a214eb8307c6e9e2feb8bd7ab0a34c90e912e294e4c8dfe034dd803b4588179da8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3103f97daf4a5bf617e429ae987c5eec

    SHA1

    458664a9fa283abafce557dc00030b43d111f678

    SHA256

    a135171a42ad0ebe85d3d04bdeda9077ddd40b09b2b59840ff0a15427d37ade1

    SHA512

    405b34260ff94470cf48b8db5cd73623f23ea6fb3a66429ed38bbd5711b55a3a18beadd62a78592b90b7d9a8df2a78f988db19bc420b5337790787bfb9349393

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af6ffa1cb661c3a58d18cd19afc9c8ac

    SHA1

    59b064f43b1ae5197d578f9fea5fb2c64a52e7ca

    SHA256

    6054a7ec986a71801fa316e81789b9cbb49b0385261623d5001a242b53d7d8fd

    SHA512

    5c36fe863f9dd8445b10e816b9901e79f1c7669737ce9174de386ed4df6957f7670347d796777c0df73ba28a90375823a885cdfe14162317ac2b1b43ebafdef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a1f711fd85c4fe880c59a6e8ce1bc16

    SHA1

    fa880cb0d135250bb7c6957ea04b872a14609c3a

    SHA256

    7d44294786e3f830cefeefc8b325fd1d2e1dd2197b0d7b732e56413a2d74ff1a

    SHA512

    0756acd48c1991985d2d4d7960f43964fa019eab6163ceca2668e6d650ae2a880605ad46f017e3f371cc25625b70a3eb7b811c6a8a36c9dd61124b09b85d5483

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d4b1adc8ecaa8f984d2908a02187dc6

    SHA1

    0b9033bfa09113d2df8fdd7c01da59b8f4374f28

    SHA256

    159aaa3b10577ffbea3fb302dae64531da998e2753ddc2823bb3963961ecdd26

    SHA512

    049d92b579c688d3b2d631cf3e772d369d8fc741f89900bc96a7cc1bc2dcf5aa432c32f30f46206081f7d21ce14f0a7ef0d1a1122dcfef14e55875f71f662b4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b84bb017e87960a48e51217e63fbdbcc

    SHA1

    b1bf0c82eb8dd2927937eaea3865695faaf67350

    SHA256

    19a28629fe13f6c10f6464e5d300d337fa3a37e16e3d808983fb990a0b07b350

    SHA512

    5a1c66f6a902b5bbd43da78dac9dfe847106f950fbfa775e4f545b36993a771d0ed1d21b0d541da060b327e3b6db2428d1ac3bf10d46e4a46ba5ed228c3f1e1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1e8de8e40872074afafa31183fbdc62

    SHA1

    bb87e142bca8b33f9ba8d7cebb772dfeb9672fb3

    SHA256

    ef1b6f08e7f0cdc44adce38537c44b9e2268e784851895701a34b5705493fee3

    SHA512

    d77e01e402b110d92cfbf8e08534493afb1c90847f9da8ab774aebca276b47e1360eecca05d641aaf3dd2284aafa2d7d330c1be1413a0ee75f84bbb3205ef32b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D9F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3ECF.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit