Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

PPPOE095.exe

windows7-x64

7

PPPOE095.exe

windows10-2004-x64

7

使用说明.htm

windows7-x64

1

使用说明.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2024, 01:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    使用说明.htm

  • Size

    2KB

  • MD5

    f167320d5d11be52e7332b943ccf0bf8

  • SHA1

    aa265bc6fb9043ac4729a5bc8aca338be0022e2c

  • SHA256

    6cff52f54f3d9c0de6e0b231d3cc06a4ea8ea4c15fe19e20f57da2ad77369bd9

  • SHA512

    f94dea5edefe16b06c7fe2366ac24001fc7ffd709a5971bae9bee5fc12164310dfc460c733ab48f83396dcde318d7948ff961d007bdbc78bcd8aa9a9101c899a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\使用说明.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2688e14561ad8316f8ff3260cf79162a

    SHA1

    6d39f3be184122e7db16f2359d5d11bfb1313e0f

    SHA256

    4bc29a4b3bbe1b6f96c863d5a3d58e6066446fde7f9fc1a0839d0362183556e4

    SHA512

    5c5ad417c0fc428a5fa9c37279d5b4026c68a69c87abf96754de57827a7d950bccd29f445d03d79fd264efebc73b358d3da0aba09454c220ce2ecf465a46215d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4a1bc547cf5814c12429f860a387dc3

    SHA1

    9dce07898d5f2190522e21b0faaf315eb6791221

    SHA256

    dddf3e9a5d2aaeecca20f84b5b5815c1dab70dbb91dbd2f8366edeab9c6893ea

    SHA512

    8fee9330825020e3ed7fdec30cf3e43737aee1507ba63bb28ed90100970b086bd56a76f086b97402c684958f4b95488145f94a7f976282eeb56e9a4404901bc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15579b0c02301af50273dceafefcd256

    SHA1

    153e7574530ad4a20de379e6fd068ba8613c309c

    SHA256

    541505993bb92a064f95a0051a5532f715843e18ba01bac23cb91e8136bbe5dc

    SHA512

    cc01710b1f45bf3f56c13197b80a78accfcee2268334224a53b7c6ce8d8f7c38f850df2af05cde8aa6ecbd55839aaa7b66c65ab66f0bf4135f7e25c5892d7788

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3c1b445030f16cfdff8c9bca1756821

    SHA1

    9e74c7ff8f2f2cf94bbc1fbec28400acbbfc154e

    SHA256

    c797569b353195c46eb40de77269c6b4bb80848b7a67b6804489ff0b19f5bc0b

    SHA512

    681e632b740be640a24839904d439efc5bcb9215d1129b4ae454d34bc66ac2dc369f62d7b5e4a05af81c65f1f43ca826207c8351586e918c16cd31757918e307

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb243e03b7e21eed697309c6cea17626

    SHA1

    da48534fa6fae868d279a4612ff59f42b99feaf1

    SHA256

    0f6bdb81628088d548a78fe17916ba3eebeebd9d60795c7e28b9be4a2bd8953a

    SHA512

    aec6ac2d7a860e63abf5e8f9cb0d6b5759888aa1456b2a64dc23cd60975f3133fc4596ab557fd25345ffc7e5f7f26e90d326c5eea303a38a95a161715421cb3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdefbd9a9446c7741eaa03cdcc5fba25

    SHA1

    1fec149a96e6dbeae33ef673348b32dee6d57f10

    SHA256

    c1bda8241630bcd3ef2de5de5c3cbfbbca0716cf1d9dc0827f20387b31bf1300

    SHA512

    6c8a069d17e9a4ae51da95ac7a997c3c09238bd6db9749bd0bddbe3eea1c41bbb417c6c6bf1e6ab1b3cff29fcbcdce046fc99563eca5ec2752421ebeff41cc36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fe6ad220b89c26bae09c8b669402728

    SHA1

    18d77781bd4413706ac06e058d4792f2f3480ce0

    SHA256

    ccf523e769b84f11a88a222a4556c5267352f7095e1ca294ee81e73f2cdda43a

    SHA512

    97bad51e48b610456ad7eb2332eb152174fae110b7cd187b1a475d7de77a8c8c8c86fb5655e1a28f415a5304695cd41dd6a4ec76e1c576c8ddd82797c7d2fcff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aa5ae6866e31efdb37add3ad0f44c59

    SHA1

    ad13e6a2533e43ed20f3d57ce476b10ec3e6c9de

    SHA256

    56022f623d7b8d095514be1a82e6f528e6bd3af454fb7b992edff09bdb8b3b2d

    SHA512

    bc7709ba7e53afe1e62d3d0c3bb361e59976684b22a885147cfd184a1cac6d38d7b329ff62e612b13dd0fc58f476f0bd6a4b29efbeca6af4e7c84f02443f197e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2983.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar29A6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit