Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    17/05/2024, 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/ninja/lib/lang/en/index.html

  • Size

    13B

  • MD5

    c83301425b2ad1d496473a5ff3d9ecca

  • SHA1

    941efb7368e46b27b937d34b07fc4d41da01b002

  • SHA256

    b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

  • SHA512

    83bafe4c888008afdd1b72c028c7f50dee651ca9e7d8e1b332e0bf3aa1315884155a1458a304f6e5c5627e714bf5a855a8b8d7db3f4eb2bb2789fe2f8f6a1d83

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\lib\lang\en\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2516

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    266e8e21e254738f76de9e16d2e407ff

    SHA1

    cecd9dcb1b07e379a77e8d38dc6bc482477a73f2

    SHA256

    2952797598956cd283be99def35e52074cceff40c18995acafff4d47cd71a204

    SHA512

    6dea93d623fd47b652ba25d522739ea79933af38643986f93efcd69361df6096911cd4626dddd9b1ba44e25d297e667ec3cc656b18acd81aa8302e6424f6bb0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    192c5aee6cb0f643563b41e05302f70b

    SHA1

    bb90ddeb72b97fa064ff4f6cfe3d7c85bb14d299

    SHA256

    44aff4df9de221d092f45cff9e3e3b0809569aff7df3639965ca216b1b50bd31

    SHA512

    60dce9e8eedc6e4efa7cfb98c99130780130d7575860e6a6da545e5653ea93ba3999e2ef52d9c604c5f379fb36b8efcff2e5e63874c3eba3fce0c4ceaafc08ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bc6ce71cd2364cc87b5de1818e8d43d

    SHA1

    79b52c616d17785793380163ed6e95be0dd7fe1c

    SHA256

    f0844febdde2fa95b32b67b56bdf406f30e4481c0751030896cac16200f2c12a

    SHA512

    fbee1df6d9c867c768eafcdda7a88b76914e915ddb629757aea32e4cdc51fbf3da5340896e8242dc2c4d6c2f2fd6a7c4c0712f365124159813c90c01beb4d383

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1824c97e45ecabfacd2ff4c96d16466a

    SHA1

    94e91c1d7b0d05e5e4900dde15cc427de0680119

    SHA256

    3a419d8b4787a453205aa154e1b6c5982371c742ada1d82f4b4a971743047d92

    SHA512

    45a34ce8e5106be07e1f5dae93f06dfc848e139e94085ed490ea5c38caeb5f7ab9919b0228f948cd8e95ee84a165cdd4ed2ae7892601790bbe11fe1f2f6c8f97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d89446d7adb77379d5b2f3b57c2cde0

    SHA1

    384011bc5a25757952b96b40819c243fc8c44fcb

    SHA256

    2361c159687ecc2d17a98164868f852bbde6b2debd2b2b24e753164af9ca161b

    SHA512

    10d4011f3aff652fd2642027a0322cd664a20ae5d9e3f4e901fd3eb0337c54b2744ba8c66436a68eb842aa3c4ce237de5c4158f2e7c45da77ab665e6851729c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60230350165befb74afa0d7b4df8267d

    SHA1

    cfed84ddbabcb9c08bb01821107b7deb69763772

    SHA256

    fbd00f3776d1f837fa806d6be4036d6a13c0c84d13ff89a92a389dedfd364cf6

    SHA512

    96f214d5e37dde3c8b6fab41d55f113319f63667a07c5fe63ab9affaf3f426a220bae2ac34c74b0243fc40b7f7fa588ad0fefeaee1d6f0f46570bf144f951bc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90e111188b8fdd2fc5c173a692dd9465

    SHA1

    a6f8027c09b02da92c9710e3570602acc45c354f

    SHA256

    c0f10f73dd673bcda993179f3ed80319f6be6286ee2a1a71aa6b49170f08f64c

    SHA512

    c26e2ef8f2ad06a326ef6701412c84cd668d7a0fab81c9becbecf0a779f2830b573052de483fb00ab4022d36a5b62d5a55b5ae5cdea4db428205f34f20573e03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e838110316975e72e60523845be4e12

    SHA1

    044f66ebbdbb63ca4609e344ea14b1b959651cde

    SHA256

    6e06852fdf70b3bf2457936600017509c069a140898305e198ff8b890d54787f

    SHA512

    68c11bc08a0eb62f44a6211a9045a29ded4dfc4888cc08e83baf8879954742cb6c0d41cc04183d741edba0165fb2f31a4d35b0833eb7972717a6a6fcae184508

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51645c5ec9f62ebaa14eeee30ff8dc6c

    SHA1

    47101b4a8c2b3b0282397482e7a872be4ebb510d

    SHA256

    eee8528b29862f36c08a98f9c830a9e2cb139e97c6ea345eea0a350480ff07d3

    SHA512

    d37c14f4b1742c02a971a89730cded95b36ea381389a4c8ed5cd35fe35384b6f86a5ecc9530d8a9dbde7cbf9dda9b5d1d29127f5965c9d0bfc82c3dbd85d6b59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0710fbd072cb8337f22afd8cf82ded3

    SHA1

    da8c39ad3060edbaedc7a5885080c74246105b65

    SHA256

    e79ccb2e0f5a54e1f204a36756b69516c8ad0064e0bf662b7e898d6779233e84

    SHA512

    edcbc372a82bb52e77f9f027c5c0f029535e919848d0f9822b0cbb47b83454aeb8c3b1cb13cbd66e8e8a96dd471721501b5ac671a49d350b69d9f69cfdbca79a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a664657d13192c8cc7503f61d04dcf0

    SHA1

    528f8db3220cfdb47d52c53e558c130486278494

    SHA256

    11156531ac35d19174fc948c27a8ebaee3e76ff647d681a26cd3c19bf96fb01e

    SHA512

    5459f17250acc7893fca3bd461b3b14ae63b694f48dab99b6ea363a197d10721cc865c0deaa54ef55d07878aab25acfbcdf2c56223248f399cd95343ba71e395

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd645c908b8c9b0eb979e24363c20a37

    SHA1

    4a9dbd2afd70d50e9cf26bbf06788b4cc62923a2

    SHA256

    840d2d17fb68844ead8a47c3320bf124a043e6a355c5f783db07ae4161797d8a

    SHA512

    7a0c3d69cac9d35750c1678590d8a76a868274c66b3d4a42bd9ee56407871bbef9f83343910cb24bfd13033a76230a4533a6faddb18b6faa6b2432af867d7f43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d59820c406b2a7f0471f035e32cb3dda

    SHA1

    90adc3be640dd406c2292198b9908da59fc5dfd7

    SHA256

    160718b6e8e499f8951fda35f556a82b92e96f74e00eaa264bedf2113208176e

    SHA512

    eb738dd509d316c5e07abd039e19b0d367d9335436ea1f0a469868d4abfefad87ced7a475be4e21a7ed5b85a66bfcf44a21962ed0058463f6cd6fb1ee69c31aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8cfddef34239f23951b3c8616ecff83

    SHA1

    053c0555f18e585533c405d59dc90cff0b85bd0e

    SHA256

    44eddcb0c9d40852618232b3b235160889c5867f615b929ce6f1df5e448e9181

    SHA512

    e1b82c03dfad1336be503ba18fc74814810cce7b1cc020bae553dd9dc347bf960dd46139daad55128a7dfc32e20937d9efb56176e13681fd4e477d25bcc9c6f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a1c313f4fa5307e014a1c3f0c832fda

    SHA1

    ef8c937d44d315ae58318c2422f8fbb93ef0f03c

    SHA256

    e5571537702a868280a3b2022675a502af093e84ee7e8e65675ecce1fd488094

    SHA512

    667afeca9c205248a0737a6efdc48400ef113549a6eeef262d7fcd84b7cd25973b0c55bc83f1ac6f19a92a90d4fdfcd1e5d2a24b8657c486e75e4e5a8d4cade5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    669ac33a61b9b8ee78e6cbb07fb0ad06

    SHA1

    597c3d9a526b5476d40b3c906cc0eb082ed26388

    SHA256

    681f8e5e0c796e64e2f11ed559006a72c76c9471bea069406af40b2536f9b8da

    SHA512

    4d41264ee71c343a52eaf1c0fe28ff60b669f470b0c0abb9e57e68f277bcbba1866a9b8601c6037327f4dc1437c034016e6820de44223a8a806c949e3c749a84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4219aa011d4a82ebf9d330aad59bbe29

    SHA1

    e2ae091feeb047dced4ae93e59fad9018e853cf6

    SHA256

    20c393478dc2d5a83978671fca0378541d49b09dd9e73a007c40b8dcb567e5d7

    SHA512

    699c0de17fcc86d89357092cfbbcee8b04f9605b950cd7ce58234d21e38432c92e5d97892eee8c5cb3b7149b7b74369791d06b9b4e3a89251ceafc755202c46b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55f19486cd6e9b57ccbf5e0a53b66427

    SHA1

    13bf00c5db6af6790c3704965c80daa325c8ff9c

    SHA256

    dc68cfcf0944656f095a3eab5578a28c2d8f629a0ebd8dc3a2793d67278fdf63

    SHA512

    7f60e562f28904ee8db2a578ee1e199cfa53e7aafe53d6a3efd2fbcaad11e2681dcce2ac2b0a4686a1ce3242d56fa6c580d8f57661963ce2a5c2d3a196a2432f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    341b9e85bf5cd3f566088334b6004a1e

    SHA1

    6060e8917c02a920c496861a91938ecf4817e532

    SHA256

    c98f4663d0fd9b0012f286393d6f225e5be9f1c115a6d9f159938632392c91b8

    SHA512

    3680ddd355e26d323a30e2a4cdeaa6af3cd1bc3e9824e0d5de9b14e162f12d6f2416f90970696816b98559da29f90b8a56540c556b595f8725050f3fe374b900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    835f3afc1eda01145d22d28d1f68533d

    SHA1

    22ce1cdb597ff60ef64f35347d2d10c478684e1a

    SHA256

    2b0c59f42baa73249e843696ac7cced44619223ef5dc3be5b19530ac8b868533

    SHA512

    ebb98e130895c13bc26355c04c7065b9ec5d2b8def2118fc3e5c2c29e8a6c80f176a237405c9bb587396faa6a3da555b8a1b44bffb57bf0a51a715d70d6518f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    ade918b7f252ae815e44cd377cc9d027

    SHA1

    d5992aa0c83886e64a24625d9002ec37bfde1a31

    SHA256

    76afb986dce56e388091a959a727f54517524491967d0183b932abae2f64215e

    SHA512

    496c0ddf99ecb6bf6a6f3a865cca13fcad1eb4ee064516f49e6be2df3734e89bda7f45b0352356e56c93a5e7adf820d00159d67924ff3f1825063bb36b520cfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43E9.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit