Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    17/05/2024, 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/ninja/lib/share/index.html

  • Size

    82B

  • MD5

    7df5d2a7243f6d39af484a5ce6e7894f

  • SHA1

    c867978a506f8a11376f6f45b7de064beb643509

  • SHA256

    932e7061e2af93d7ab71f32360d43437e516806f7f3586d8c211ed20af14226d

  • SHA512

    9eecc6af24450014abfa58186fdfe2a5706ad4f547244b5bf1da7910c55ab520018eef1a695734cabd3a74cd677e4c05addaafd13c5c84a1b13f952007e23965

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Modifies registry class 33 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\lib\share\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ffc131bc2106a211c7f9e45d9e09e1b

    SHA1

    bd30001a7a764d87db18a31f9ec23ea0ee378926

    SHA256

    8022d09621f9071f71ae64d85bf46d25d3233b8214c5a087299984ff4ffc3a0e

    SHA512

    afac3fc4a53693e3dcc5dd4bbf8cf25a36d167dd9125457bd1b9523db1171040320c791ec37a1cc51a13d82d00f804ced9a0bd54d0b7c1a1fb2c761cce322a45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    116ff8f0938d742f814390a6503c036a

    SHA1

    b2de4122d4ba20c0a3823ed35304e9ee4925983d

    SHA256

    54b18547237286579ef081208d062b3cdc50d8828096359987de05caf7509461

    SHA512

    3766fbec565c026d250722d2fa62da5c12126507e210cf0a16fa1a6d499d258d59caa5785ba53b9ee8a05556dadd37373942d39b77a07006355b5a349cc771d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bca8c8d4f7a3dd1e5dd5c040461442c

    SHA1

    da79e117164bdfae0969fee862a84955a9cdef76

    SHA256

    696285fabdd49534e6ace4b48a92f2c3413014255a985238d830d4356e1814be

    SHA512

    61e19315a221a88cc5fbc44e8689a6a47be21f203536d9847e8ebb113e466e2980a0bf332d6742f41251b985daad2e8e6bd37cea2aad285d90b52ba22c7bf322

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    127b162bc49bbd9674cb3455ac068a4e

    SHA1

    528d9a74784e510f6a66ca314b884204542bfb0c

    SHA256

    1123ca47e40763fccb01ef91b448b2f92f08557c7d62470a138038c1ade468a7

    SHA512

    ceb6a85c01f4a32e308bdb3afc2f2e633903bb41b73159ef7dc153a36d8524a85f4a3b449e9cf94008975f933c34b4f3b3fccf88d843d8fcdda520c47869a15f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    411eacc61908aa08d348e7124bd2e9ae

    SHA1

    ad5d6a074849e7e05e775717e1366dff1356a171

    SHA256

    afb762914e1ad8e1be7d2e210d6b479b3708004c0c8d7ee8dfac5bff20c7d3ce

    SHA512

    d2397efead956721b28b0452e8e342837d689049afb443b0224b6b47c363569c9ea688a8cfbec4ed3fbea991a45d4aeb3f48dc0f9be3c56a0c1bed7ca7da0820

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2060928887ae5d788f71b3fd657adfe3

    SHA1

    a68a9e238199eaf8455439e9172f467817fb7cfa

    SHA256

    58dd5ef6ad7121b58848bce6cd846d8a3bb19d90323f7b2496dec21eeeef2f15

    SHA512

    71a7a4e551286b542db31096b4e8d4cc97ffc5cdf659dc2f6876248ab951951fdc13a586c50babb19f602a815fa291102e00ae73e684a7da80b308c954b6cb0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f3400d03c515a18cb445f5f9cb93a0e

    SHA1

    b6ce33c988c020a2a2a88ccdf343864c4894e80c

    SHA256

    58fcb484fc7750131879482eee7c5cfc9a3b075079a8d40780b925f3a5a297ae

    SHA512

    c4e462099f0735b08722a093ef6917498f04606787f6cb4c538626b9709660729d0471466b3dc37f9f5e7cb549b6355c68a7b8d3f056529d14d338d1e30f7226

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    703e9ae9c0114e2801302e8e80561dcc

    SHA1

    c5d5ac1c082fcc9196569058e3405095a6b2a2ff

    SHA256

    f9dbbc5bd02be6a0573a8e53e57b70a272d6bcf3f4a89b1d4d1f2cb652f9669f

    SHA512

    b0ea9a6dc9506d372c219a01396013580669d8f063ac4e7f1883a8348ab0b0b44a0da39e97dc1e44e3d1c876e933dc0f7ec56d5bb1754806737a1bc8bf0394f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8070ce3795e4a3c6b3513d3ca256d80

    SHA1

    e1d0c4e7b3d8ab4c14978d94357a8ba536e19287

    SHA256

    12fb1b63f019219c92fc71d8f1ab38d2b6b719d11f592341b89d50451a910dcf

    SHA512

    9c56facb1e2b7acf02801c8f63cec565eb4bf20c3a32de5d91fd4856cc227654f474555a02781c4fd81f1937c93b4d4d2269f84613bf0725e1731ab69bac50f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ffb8a251116199032d02771489b727d

    SHA1

    5744ec2b1515189a01c926fe1641429cd7763cce

    SHA256

    92cfe80e204c771e0d28703c1db3c0030eedddcfd92a078dab000e7907ce0d1e

    SHA512

    e292e67a184e9937cd030fc2678945953c372eaae11a02118eecf9543daa44bd1a7d7309443f0375fbcad7e7d61c39454c8d97a7d5627995757ca097578d31ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a697cd45e00bfed6d35d8c88a37a204

    SHA1

    ed5630619d8d66b8adccabc2f15e1d1dba78b88b

    SHA256

    43a3fbe7f98e42773c0f35f37feb4fc9d33f77d8f2657fcc4e440b96eb1a5783

    SHA512

    e9e128b80063efe473b8e581b422a1478d51f745e0ab445a287bee78c2fc5d2943989bc210bb8b55fc1d2d08fb8bc9038d8fab05426442386be8f0a5a6f83b61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6d90df514bee099219ce564963ddb69

    SHA1

    90f61f7592415d68c2b5ca13ccb0577753054f66

    SHA256

    de0b15edbd5f019b6dff2e4d44656deb509aa80b9c4f4c7efed30e182d66becf

    SHA512

    597e13b21c8a305fbc832650d2e9292d081ed4e7d59b57fc9c263b5fe6a6ada37b9596dc0d515a3afaed9cdccd764e8f720c6395165f3d05069c66e23abaed1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a649f84c84198756de67ab9b21adc983

    SHA1

    b481eae1aa74f2423266100afb368c6553033ccc

    SHA256

    ce6777ddc1473d78985f7bb924cf5218f6ce01a5c4783ac45df900aef59a2b44

    SHA512

    02ccdc9e40d927cd63ad56bf9684300d9a45780bcc02cfe3b1675f3ee9fe377e3b7a4edad30d549187e45be152be518f91e88d91e6c6eef9dd2d98471399b7fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f592f19bb6feb7b76c958de5ee328564

    SHA1

    6581953855a357fdbffd91c234b3d1480a107cf3

    SHA256

    0d8148552817a71bdf84c707400d7539e54e2f92db5946d76b20a1072435fd74

    SHA512

    a9f79682aeb9196c353bb18c468258be9210a10eff73e860debdc6b5433f0ff894fbbbf50728e399d360772059102e6331b8f17321242995ce04a32991a65526

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63950b0dec861287cfb7b07a4668a4c9

    SHA1

    a3df7b06bc766abcf80f674f6da3b84b2e5e4ea8

    SHA256

    ce5104e7993f49ae85d83373ab9ec1530af48dd5678f122fe62162d2443a57ce

    SHA512

    93af1c4b9d9d8bc184205aa4e84241d72b06014fe56a99d2539d544fb2229819546e7332ebc82f00932f0d5008097989bbb9c18ae89447087f52c973336b3812

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    308fa0392682a9b8313a1065a35f247b

    SHA1

    86f206176eb15ecb18e25f998bb8efe922cffde8

    SHA256

    e603056cb483481ae1cd656c97e4ccef514ffab90021177fc58efb2982ecbd0d

    SHA512

    b1f57e8c74d19398869637096cd872897e3aa6861f9a46422ca36c2d018521b1608a00005dadb8395df671a5ea32bad603d53c9658004e5cffac406b63664271

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a31a4bc4c73545481f47e7660bd4be41

    SHA1

    768ea3a48853f993349aae960d02eb3591588727

    SHA256

    1dbc379c266f08ca325100be8325fd0b22a97515ce15f73dcb99ec7b36b15b78

    SHA512

    b1525e3228f8ac6400e5ec46e6bf8fdc2b96c30881885df9ccbd55aa2658a5a1e9e578563edbfe09a0ff4dadc66206032bcfef6701926dbbae83bd1e4be251f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3f51cad23fda285f0685ec049e17dfe

    SHA1

    b413fc6124bd4825d5d321190990b43406f4a484

    SHA256

    9f373e75e436a595a2148570fa9cf7b27468efe5e3a8f73eda89bf190e7bf2ec

    SHA512

    d3af7d3c5ef820693a5fc335572439c274e7d6a986e54afb862e7b7699c070fe2aeb17da6472ec758f25e80fdd6bf775b608e5bec10e9bd6d6fba1fa68505195

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27c216327703e38a6bc33897d3e5f466

    SHA1

    3041d3dfdccd44455dad85b90eac81b242eaa3f5

    SHA256

    4fdfdcddc5d6dd84513e7c9e06d92947aba9bbfc0f62fb033b2aec7cd223d296

    SHA512

    4694cdf77d6fd90af1469632e96bde529866d01f0f0b430a016be456978a5137303765fe89d8940bd0e9422bdd769c0116eb819c8374ceb7cfbe97808ca7ec5e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4434.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4485.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit