Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

025642e318...18.exe

windows7-x64

7

025642e318...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...Ø.lnk

windows7-x64

3

$SMPROGRAM...Ø.lnk

windows10-2004-x64

3

Data/GUI/s...til.js

windows7-x64

3

Data/GUI/s...til.js

windows10-2004-x64

3

Eets.exe

windows7-x64

1

Eets.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

ÐÂÔÆÈ...Ø.lnk

windows7-x64

3

ÐÂÔÆÈ...Ø.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 03:14 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ÐÂÔÆÈí¼þÏÂÔØ.lnk

  • Size

    344B

  • MD5

    4c2a7c403e0c28333f645a363f606da8

  • SHA1

    fe61f5e318e323fab9af329245e4bba6128aa5c6

  • SHA256

    c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14

  • SHA512

    8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\ÐÂÔÆÈí¼þÏÂÔØ.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.newasp.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2452
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2580

Network

  • flag-us
    DNS
    www.newasp.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.newasp.net
    IN A
    Response
  • flag-us
    DNS
    www.newasp.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.newasp.net
    IN A
    Response
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    www.newasp.net
    dns
    IEXPLORE.EXE
    60 B
     143 B
     1
    1

    DNS Request

    www.newasp.net

  • 8.8.8.8:53
    www.newasp.net
    dns
    IEXPLORE.EXE
    60 B
     143 B
     1
    1

    DNS Request

    www.newasp.net

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44c51fb988068e388b31dbd17871d2b8

    SHA1

    86cbc4cb1ae6841005979c232d0d802fe9e8ecc8

    SHA256

    b8f0aca217f39afc3796fb0edc6cbc2570fed361cd02256d3f0ce73d0e8a9293

    SHA512

    820cd48926bbe7aaa673ddeeed1968d58fbe302b240a98b691597e1b19784c81e36daeb78d48806ccddcefee7497ad57844d0efdf2b0710c3487c996f0628091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51c1182bf1dfed6b6e593639ae012970

    SHA1

    029b5d799a64c395443904d4905b5a744db5761e

    SHA256

    ecb968ad4030ed5845014a9d0c5ebf216aa2f1a84c124f016a16635e691f50b8

    SHA512

    ce8df3fd33734e8f4877233f5e89c693345407fa3eb5e787c9c658e505df229b654da385f1daba81206d1981a16296d955db33ca58e1a946c9cba2f1f6849592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94545a935bc31429478d318639026f54

    SHA1

    2b9e128ce9594b2e3420f0883d242f78d1d6032c

    SHA256

    324839793a7063a6e60b06d2bc5ab0346f69d222513686343f5c80226f6a0c54

    SHA512

    46d697e57ff15b13b4861d37b6ab07c9e017a8db1f123427bbca88ecffa88a859f99f0b9f0c4daed2ebd01bbe0d3d1c5df1d5f942f4206ad046599281ab3c0fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb2a2656d874b2a0cb199d5b4d75b93e

    SHA1

    7125f08a859cca23cbc1a78ea8792a4bcb5b5cfe

    SHA256

    dfce8621dde0fa69a5ec4fd696635a42f006584b5038d11edb76f88e8f65f8be

    SHA512

    b596a9692a164fd7f858b508fd57e01c4ef1d51b012c2225d7d25d1ed54f7223920a1d75732e2c255aeede9e8936126ddb634a1e0f8f54724e84c0c2fa56d578

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    687861eb416a7ccecfc08cbcd8394309

    SHA1

    46cde836a5db79397ce11fb9a0fb73c214873852

    SHA256

    29f4240f414516d4d3b91a36aa54622d393a65263acf0930aa8167e160cdd441

    SHA512

    9f32b0bd8f9700866915474cb30c08146b653daf7532621917b2f9b19bdfa8ecbd4f597a25081a3b7f3386e86f8d5b559be32d5684800028d9cac646689cea46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0ce07277dcad3b56d936a7d26c17d45

    SHA1

    668bd2590cce609309c582664f16b69991015d08

    SHA256

    0f91b29cd013fa7e460ec6416bdf94156d71def069d2497ea343c1bb3cec6bf4

    SHA512

    2508aa6f61b0e5c2849165e770edde1ab456002b99615a1aa205d3907cba26a30d552e012c60aee415fe7774d2528066aa76c0d8c2a6b536f7db58d7a62c3e07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e58dc2bcdc6b0885bcb3067757da765

    SHA1

    8243ced6070cd8fc07eb9d7057a74524e900ac96

    SHA256

    6467d7eeb5cbc2af04eda49a5cb9aa154a6824d92f7d2af4ac3c86dacaef02ac

    SHA512

    0fa1762e8b2be5c47e94ac7e7474dd440081dbdfa5aba9fafc84a5de3983d12f560539b1fd5b1d83f32eeefe53ae954e719b252eeb5536c2dd6d94be6b25ea5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be46645e26f368654696c1b635fdf7e7

    SHA1

    b6ceff51049e857338866d02ca6ebb93ba941e1a

    SHA256

    7fbfe131f0190f8cbca9ff0466658daf012d0685e47cc72a23365ddd7ae5418f

    SHA512

    44dd292a6f481834c1e7b84038f04c2b0bab8cbb82a139226d16eae2d916aec42f0030bb2ea2b466412dc940cfe5dfc4b8be7f6fac0361ba4f0ec43fe15fc1b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7310d2f8b55e98b3f9000b32d8dc7dd8

    SHA1

    23e05022908e843b2286c8bc5d00f502f21d7137

    SHA256

    f5f6be8736d0a24f2b08bb25801e9bb9473ddcb09aa8af0acc7b97928aa1b496

    SHA512

    3910a42583211f83ec11b6b613aba46fd20b6f8a8ff74a3da81de89c8e07068a4d81cbc4b80829c9813f4b5e13bfe447c94c56e1e6aeedea98a25708c565ba25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4be889494e383c244a42835b191dddc0

    SHA1

    e37dd41e5aa694d11ea61bd5ea89a6fee54c084f

    SHA256

    e5d80c43759636289595577fd8a3ac2990823b1ddce75ac21a1134c574286bac

    SHA512

    c707508d5d136a4065a6126faa9015a1112dbbbbd3ede7d7ce57721c8f9dbe986fc75a8f4a873ac84e660c567364e5fb88153be3eb18e6f4f0110fb7646b714b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3f250019835b88a29b382bfb0847bbd

    SHA1

    8e3c520ddd366a6952debb495c887a05ad4ab168

    SHA256

    db1e9f051d6a193e3c616952b55394ff65a8ef44e0cd666f02c5d40f53c8d0a3

    SHA512

    b54bd85070a6c7f78aacb5bba9ff57e9a540686d2fc1df35bdb3f70ccff8b27829db767568bdd45399dc515cd55ce05c3db1550ab0585fba10ac9d82aa363628

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca1c59e95c09d176af5ee9f20b9f9159

    SHA1

    2c76a5d565fa53d25cfa3ac52f3d8c1ef2c76c54

    SHA256

    5379a8012c264e318ed334e97d589547845cf102c1f82e289bacd4ad698916cb

    SHA512

    88c347ae6f7b97aa62a191ddead09fb201f39999f2f16cf7f05f2892cf26d14f7008e3b923bd1553f48142cb4190c8ba1da4ef25ee3149b8ca478d554c757e6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e97acc878ec7ae822d99ebf63c33750

    SHA1

    8cbe918ddbd264ee33d0427c2c87de774940367c

    SHA256

    24d6a1f7d66c47f7fb605993b5b84d72a608a33ab15ccc3215184e37baedf6d8

    SHA512

    4a4fcd4863677ee96b9b7b4720cf0d7aa945252655bbf5ebf96c7df0f418a46e8f7db39629b93a9daa392685bfdff4c98c6fa0531da938e90f3cd258d36697e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baf5392e86c3419c7284d236ff5ee460

    SHA1

    fe2ab89a531823ab237da982479d4f6d4bc325e7

    SHA256

    a82ce99066f57f7258ef9d8887840978827576d259f37918e6b8a9917985aa15

    SHA512

    eb6863e0b6b016301010a1f901dd4df8f5c7ed87c10737ba4aa042a58d6175f710eda96854c3b0c1a6f3f00c9682af6b909df9b46e9de7a620491f6a885aca80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d20967bfa7af1a18156134153cbe66d6

    SHA1

    426f6110c5908fed2331797d738296c5ff786964

    SHA256

    3f1120fb37f5f10417a795255cebe8d5fc09fbd5369b82ac5effc05097bfcb8b

    SHA512

    948573f49a2cadba60381bcfe93d4a1e03a77bdde9d778ae4f95a004686ed635d7fc31b98b463f3be796f19e87e1adb5fa3dd3289d114e93f283086da62509bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    105c9aeb239c738795318a8697f7380b

    SHA1

    be8c284b0ca7191d006ebc7d29313097d1d604a9

    SHA256

    c0a35f5cff2c294e6783197ac1e3a360695f80f7f31f021c88d2d6f90f829690

    SHA512

    576e2dd3fad3e4b3f6af87c71b2cd7750ceab010de444c411cbe54388183ae031d858b2011fcec00014d5f9553b5b7886e3bca7c53c4a91c7327346030b7fb5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a13fffd3889ee13adea5da7699534f4e

    SHA1

    e20ce17131b9843c304909a12135dba69de60e92

    SHA256

    c97b29c883d3f094a1724e095a9f8e489f258358171b6a1a4af634439139eff7

    SHA512

    ce89d949c4059aa2c1779ed5bf0377d66bb33150faf3682c8ce443ba67126d9421e54c65537f62d86153a1ba85deb07bd05f0079574a7b54896222a07b54d23a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d87721e5c326dadd1aeab5ca3f7ee553

    SHA1

    ed3a5c38d3e8736a8e4024130bcc84b76fbe2995

    SHA256

    1b66d31f34b6fa3b00de962338f12b33bd62539371c283e1d1c6613b1476abdc

    SHA512

    d7daa50ed57fb55dcaac495c91f3c55104eb1ab1bcd1b6c2191d026cb09df5925c7ed16f114d8a412553866908e21b9d7de243a52b901b43bc6296ba3feec925

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab44BF.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar45B2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.