Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    17/05/2024, 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/ninja/lib/index.html

  • Size

    13B

  • MD5

    c83301425b2ad1d496473a5ff3d9ecca

  • SHA1

    941efb7368e46b27b937d34b07fc4d41da01b002

  • SHA256

    b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

  • SHA512

    83bafe4c888008afdd1b72c028c7f50dee651ca9e7d8e1b332e0bf3aa1315884155a1458a304f6e5c5627e714bf5a855a8b8d7db3f4eb2bb2789fe2f8f6a1d83

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\lib\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2388
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2388 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65d85e5eb2a29e2b40a852ca588c7cad

    SHA1

    563b5d0175f815a10027aa12a5a86790e43df481

    SHA256

    d18040839fd6db0128f97bdea1f79714a50efc3076c4297fbd74d4abff71e01a

    SHA512

    5f3b4c4747e617a34546cb012ae684d4870a325dd64da1a207dd12c093ebc98614db1a772a25168b6f97a5afa8b0d349d6f5ee227dd823c6ffd5197fc483d8dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f65aed64e69395c18e3e8e58a782b436

    SHA1

    41d79236bcab61bb01a98d62e6b84791e4bc284a

    SHA256

    0329a4a5745c157ac708ed403c00357c236d961d7beb60a2d294e3c7703fad62

    SHA512

    430f860f6d1f824a6ace035bc91390879af4b9d8faf1c2988f74f67a71f0d7029ff260f571d37f1f28f9889c68c88723f43e4db21074cdb42b879e9a65eb8378

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d7052e57854cf6b6753d9736a007782

    SHA1

    3140fd47bef2ed66a5926d6746f580b241427df9

    SHA256

    a900b7f09e943f34116636d6a2bb21efa0e2bc455016f36aa0e2f9a025b2b6d9

    SHA512

    a4cdac722f7e31f748ccdfc1c108e4adadcd3773c9bf7547c4471c6abc07edd937fcb13bc5d3f51092a9004798fdca9008a3d26a847d7a49bc9cfd891a301bf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    231890eeb1be3ea5885f6af3b65b354a

    SHA1

    f40787881399d567d2971aac8afb030bb45c6b81

    SHA256

    ae7f4bebcc9fec37a0c1fab1399191d72b20816f2da18da6e963e250cdfb7625

    SHA512

    c4e76691138854f99703a1bb79e39155ffc5d361b961e4278c551092c61043126e1f57603cb00f01748efedc74cfeb6d7aa55bb32c40a855a51ff48fd1a73ced

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bdd6d840228b94b19898c48748333d3f

    SHA1

    0a512c11430a0d53ed90cd1dedaa793ff86aabb4

    SHA256

    b18e9179713b9971bb22e82f3a9a01954ad58ea26cc19641a447d93626dad677

    SHA512

    be7761af6e8657bbd29f9e22b18e61ca74f2fb6f57e100502b60114c5323e68ee3a362e3d9bc2dfa901c8fe32a6d18598f26e1f7de4abf72cc82859a813e9264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d473f094a96bc0eba23fb1b46eaf3ba7

    SHA1

    7d9c75888dbf2146133ab259d09739b4e691a0a2

    SHA256

    a735ce1447fb5dd07c1506cd7df9390b52e9393f6fe131ea83d289039b1fe7a0

    SHA512

    b4b57a9cb6a153a75707e620875db23fbeeaa1e8c5b69dd4031fbae3a16c8c1a4e8cabb4d143281d1edb52b87150c6656b61a327c3cf1f998cb638211db35490

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1935348c89ffe7534b97103a5bf9ca4

    SHA1

    434c04f64c3495a958168343ea0124ac197c36bb

    SHA256

    b46aae8db9beccf7b793099c49179d18a04dc62e5f5ac624c35ffad29d25b754

    SHA512

    016b9e68754211ead938ae900362e914d467e44186ddd40a1a1c82641437ca788068eec31a16ab4193fd18dce08865642d4b22d43e6e5069320395fddf544877

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ad04223136aa2d1a8652120678eea59

    SHA1

    dcedeff99e2b05eeaff83ca1d29ffa9dd185948b

    SHA256

    5b0bec7df09c1bef62ae911d42e7446ffe2708f163936199dbd33dd56386ac51

    SHA512

    e40878b2626c05f0813bfee862c3b18109f9d44c697aef062c14288eac3596faa26ca31e80a3e49e1b1515c15a233b8aa655db90ce9f1f562d7eb5fc1115a87d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da4650311c18d79d6041ad6ac9294ef6

    SHA1

    c7f2d2c9190cf8b6632a7ffc6e522d5fc228cd13

    SHA256

    94a030c0f7ae9366eb9917616b792cc2822856d9b8c510b28b9f83d68bfcabf1

    SHA512

    845323b1cff808bdd852817f12f06b76a132b0a92c4277653842c1fdc852519748a6b894b605ce1db7024bff409ab586f90e0d9d6af1a5d6a26c09cb84e53962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    682159d425d009018e1fe56c67386b1b

    SHA1

    48dfe276b3ec32298856f4331216626f5a82f2e1

    SHA256

    eff2028e3d095b4306ee369238c4c1676ef9453d3c7c83ad87457ee2c2773c7d

    SHA512

    ad619b42495d8c034ab5a832443c749815c269b4c2d33d3feee77ccd2e28f5a28fd3b82f2b5f2e47ee8a2019ed919bebd2d1b25ca45b13eb73a707b617445683

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c6db7760dd4369761ffcfb288b39d1b

    SHA1

    012be46f58a53a449aa7366c2d90b9632a181bec

    SHA256

    08549c8abfd93924e4a59ed57ca37351d932896655ef998d47b02c506a60a652

    SHA512

    608de225d10bdbfb05b692bc24088063d18c0335fb7b6b73de657b42e6d5a64617be2320ecbb4ac6c11e06df87c95f7eb8ad52a7cd6a9099f2970083b7dff348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9783444475857bac46295a42ba5c9272

    SHA1

    ce025f71dbc32b304b649b2b0c4bffd8d7fa58c7

    SHA256

    aa844eb4ec40680c8308bcca1caa1cf1d27e688439e2b2ae6ab13f8838eaf411

    SHA512

    8f624dbfa1ef4e0fc66b0c7606e6c00c96ec5ffa98734231df41121e60083eb8bc83d1d9cca839256aa21e71f23a6471323f2e9298c724a792d3445581ad2b70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20f70d722f9e79b4615640388c4a28cb

    SHA1

    9df78d4cf5ef6191447a26552f8570778cb9805f

    SHA256

    52aa6d3ac698bf98dd593e50bf6621ccc784bab6a481a32431c1350930265d0b

    SHA512

    a9419b776f89eb7e9f48c68f3b54f2b3c7f62488f9a1b2e374b32479aca17212e849f311059d943107b3148848a3643f492f37885174c1160df0a27c959ff793

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efa3cbabbdd681d673757f5a847a4c6f

    SHA1

    a0161695076f3328fa27ba1237955d98d06b9e0c

    SHA256

    3abcb1d42bbd870b605b55289e2d0c9e3c83de507622f888afac3031366b7106

    SHA512

    4aa6ce217f0e5eb5c6b403724791036b3bcb5bae57dbf9b853fee3481df5eb3478c90c9cd0d074285d219bae40552a03dcce8fa38a96d0b61b28fb8e619e271c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    769d656d287c2ba05bad3551568a45fd

    SHA1

    96bd7542d87dcc2944fbaac534562520f2060754

    SHA256

    37a119f39b297052bdb6a635d59fcc0c3c1ae41c1621d9f6c0d0192ca9041a17

    SHA512

    badbeb480af8dfbeebd5ad3a5bdc3300deb6a0b95189a256ae2ca574e5625830a94a0ec621aeb21c880969ce2cd841292cd5c59398d50e7f60d62f42b7a762f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16519dfa212e0168922b751f5898c52d

    SHA1

    95182b3349cc704a3535811c1fe6055a3041c5e9

    SHA256

    7569ecfbf657a66ec558fa0b6329f5649e9df04d55ae29579e4654afed4cc9ad

    SHA512

    a1ded3b1e28935114e127f5dc8a9f515658b08290e2aeb4416e2653d9baa3f47765ada61b046042b69ca670f1154f89918d4780247a68e24e87293aff37411f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36585178a4c9adca8d4b646df7ec6204

    SHA1

    7ee9d4d80a98e5eeed73c67fbfcf58fdf09dfb0b

    SHA256

    fc7f4178e5dceecbc58424b190202cdd3948e7288cf3fa17ee4916b1c6fe1c2f

    SHA512

    5217614e146fe9fb3576a05cbf1278e4209e5e4b982be0d3f423bb2544fcd74c49520f908ec3f36f99dec63feb554f6d804d7d3d372976f1049860aeb8130a2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4dd346b6c5782eda4b1c54b5a58e82a

    SHA1

    5d47021da790f73a9fab12f038156bc7258b6182

    SHA256

    db5003797c0619f55b73e972021c40b45ab9d190e24035e2e4aba7699e073d33

    SHA512

    20679101a3d73660fdbc98831d742cabfa6413633fe703a83e8cc4cf5490f30e994bce75775805d68fcf5dbbfaf58a8dfbf6e787bc3c26ec5ce02ee0728080e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3739.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar379A.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit