Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

fabric-ins....1.exe

windows7-x64

1

fabric-ins....1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    63s
  • max time network
    39s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    01/06/2024, 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fabric-installer-1.0.1.exe

  • Size

    449KB

  • MD5

    7f0502234a4af4bb9ee0b35ee38b8711

  • SHA1

    e708d55f12586a153770bafa4b7fbfa8441b1409

  • SHA256

    d90987a8f7a56cd9c09f69585de0ee6241c326f5b41399b2a8319d03fe6ce64e

  • SHA512

    4dc60b1c4da89d3f40456ca54665c797816e42fa1e44e9b2873f799ccf2a4f834732b2854e3f8491e1ab1be562e7d7528fef19acb49d072a63a668e7e5468320

  • SSDEEP

    6144:nI+0wPnAFavZtK9qEgsdjMpgmo6KlspZpP5OLhmsGpAiXx74syabpA+J:BPnAFSS36lKmPpemsGmiXxVfnJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.1.exe
    "C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://fabricmc.net/wiki/player:tutorials:java:windows
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2232
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2592

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    565d783b92d8fa5b2bda9ca4d685ab8f

    SHA1

    52689e2181baa44e1f9492256bb8361befeadee7

    SHA256

    e2df282fbeeed57028142ccfb87c04dbba3bf771666741a5d9e8065d8c1fcfe3

    SHA512

    94416c1d602e7106ba4183f0718ac393d4843d127aab57632a36e174b95fbbebc69c2e409fdd064a673a3d4a2fe895e45bea9f4f2b4d127db99bf8a978345807

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7dfa58641ff22d5773f91026f2d41a9f

    SHA1

    fdd21a48822a5dcb20715e6a30555e05f3077086

    SHA256

    d601badfad4d10c664e407cbaea35483cb16805ca1d7b9375f85e067274fddb3

    SHA512

    5465e9e17315fe42d5fe7d1afefc05c77863a8d2009fe58c8f0615926590c20a9144a79b993a6d3acd3be8fa8c48e5523765e1c34c5029b8c9862d97e83bb6a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1aa9c94aefed5f1d5da84b6c93aae698

    SHA1

    4df10050ed79fbd03295047fc0a5c89a594ea8e1

    SHA256

    4bc369456c00fdce0d3339f8d6edfec9f1392b1b77e5d34dbcbcb5f039caa636

    SHA512

    bd2b1b3700dd0f44a087196b62a722c694faecfed0b900a19efc874dd5b89654b582aca3a4039cc01bf57d1fbdf7f04f0ae6adc2add48118ab69ab5d6416af32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cfaf85dd9a397a2a5dae79662776f5a0

    SHA1

    7a24d6fdfa2d21cfb86e926012fd604460ed0ae9

    SHA256

    622e65fcb24ff246de3d1c84e735be8be9673fd804652624f5811a9d23900a84

    SHA512

    aea0bf1450d718fa9819a7dc35f5f1f2cbe9277ccf37f4e848293904950f7529aaee58168818b7264d7ce9d070ee6f1c169455026d5a5c6df137ab9eaa36de6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    828ca175611609f4bc89b36aed1b4f11

    SHA1

    229ae088848defe86f8ae0b46487b71d20a2e5dc

    SHA256

    57581666c41286bed1b65660cbe463e10cee3ac578ab6766f2f518c007e52028

    SHA512

    6fa0a6ea12cc3dfc5243b1ba015e42a17049c421f3ea595a92b143dd6328bfde8a8044c08c22138634ddc17c58a7a617f345db646e2dad3f467634bf63a727cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    683862f51e326eb9292a3e239f7f9480

    SHA1

    f4632e561b3037a3b5d4ece858264499876c2166

    SHA256

    44ed0ff6ea285333a31baf644f90a89c210a02c3a399b05280898af25a3aac9e

    SHA512

    1142db77dfc3ec598946a5be396d68a8bde417b9ec31faa98c2b4f45ac3b368633f14f34d7e5ab73239f2392a15721f162d8ef65f6a4f191aaad582a9a9ff413

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    32e7d837b556939207a83fff3425525e

    SHA1

    a4a2ee3ab23ac2d557b2abac9ec452ec95e151e5

    SHA256

    b913cc8525eacd04e9039c16c7ecbee1b6bbe4caca04070db460ee44b6640972

    SHA512

    49ffeadba108b628a568ffcb8c9ae3e64f36891557ff9b7e533b198ffb76296a37e048e715881339930b60b09ddfe299c9f61dc3342ddecb89de675464b126dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    94118586e8df328b750d53530d947825

    SHA1

    e0d03cb2919bf56541872a0ec55f79d9f4184ed4

    SHA256

    6c5d0f03d31b0e7630e930958a4f5609549629ce177f7d87480ee005fca196e2

    SHA512

    4d5a1ddce9b7267c631386ef03afaa189689cf04abc3e8ba8405e006df6af6f6e13bc81241fea3c6f3e998f740e48a0b201e8a319a7cd8fe25cedc5b7874f4fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a5709c9f6866b8b96875e610712382a8

    SHA1

    af117db88ffe8fbe39b11b3a051fb38dfc3cdee6

    SHA256

    13cb0b440d55260c65b1473dc459905de7f0030aa74d267251d530410e73ff8d

    SHA512

    8e166477c48dc5fb6a83260fee8f17e0217b18c49a2cd50dd404ed0038863c8394e90fd4928b4031e2e20190f5b25a36459336ac0d9046a12b433daf4a5ee908

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    448182ee9b01f26cfe61d623303a3739

    SHA1

    331e74684f1cb8c1af6e120e8f3e10f719e5141a

    SHA256

    702cca0c5470cfe10e03926cbd1faa97a7c450b5638e9872fb0029a11289bf59

    SHA512

    f5b3f7124c8ad6578a75b0339b44d25b3950c5cf7542e3d5d4c11de1b8a680fb934e45a55dfaf4c350fd1954037ef2df2d73351275d1b151806bb7bc4b1d8d3f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\92bocja\imagestore.dat
    Filesize

    99KB

    MD5

    491ccb9e5d4e164cc96a789b89b5ced4

    SHA1

    bb667912a1b9a781fe548cec6171c0c959c58427

    SHA256

    533af13e1b4e331159a182b7734d160649a3695560de0b63dda431425915684f

    SHA512

    2bf5c1e0602a866fee89a4ff891046648c51316f5a4d287467437a6aa3c8e3eb2b80ad3794512a8dbe709c123750697f8a7b4d2f4881987bd91ee79dc5d87ff1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\favicon[1].ico
    Filesize

    98KB

    MD5

    94bed0e172b2d893f1a2e046ed9a9baf

    SHA1

    050d1b4d6752dd973ddb31beca55815e300180b7

    SHA256

    ad44b5a49faee0d955620c627d1710e662893688522e7051dfdae10b42984a27

    SHA512

    515e21806859deee755e617bf1ddb28b363b34e65b4cb6853764e6f53014d405184b6fdf333ae33722d8e7a69b8c93f401c5cacce0e217013237ffa475994fd7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab42DB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar42DE.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43AF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit