Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

recorder.exe

windows7-x64

7

recorder.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$SYSDIR/$D...þ.url

windows7-x64

6

$SYSDIR/$D...þ.url

windows10-2004-x64

3

$SYSDIR/MMUTIL32.dll

windows7-x64

1

$SYSDIR/MMUTIL32.dll

windows10-2004-x64

1

$SYSDIR/lame_enc.dll

windows7-x64

3

$SYSDIR/lame_enc.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

help.chm

windows7-x64

1

help.chm

windows10-2004-x64

1

order.url

windows7-x64

6

order.url

windows10-2004-x64

3

recorder.dll

windows7-x64

1

recorder.dll

windows10-2004-x64

1

recorder.exe

windows7-x64

1

recorder.exe

windows10-2004-x64

1

web.url

windows7-x64

6

web.url

windows10-2004-x64

3

yun.url

windows7-x64

6

yun.url

windows10-2004-x64

3

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 11:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    web.url

  • Size

    202B

  • MD5

    73509b28a5a218ad6ce8a6abf930c960

  • SHA1

    28034b559c85989b98b88e0ebbf345eb61a7861d

  • SHA256

    7e631e598069cdadf5353a314e5f14543f97b85cb1dd08efc0283cebdbb24872

  • SHA512

    e1b215e5d2d8f6e7eec201664fe69550fe7843497a0aca43f155931201fb5eabd7bc83efd1a1fc0cf68d22467da337cd80d91d6b6739285e0cdb13be55852d18

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\web.url
    1⤵
    • Checks whether UAC is enabled
    PID:1672
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8971b40bc11adcfead3c3b2232be8e5b

    SHA1

    245941421841d4d41fb2e0ad7f94bd9c36052340

    SHA256

    d1180d4c22b4065aa3096ec7aa7b5cfa837a7f99746ecb0a1a3084437f83f191

    SHA512

    3d6596e841d5b9f72715ad4dce5ffbf68a87462bfcce8967b1ba9fe7dc66c066ed1da68f267eaae2f0aac1baf9e5032a07baf7120412bc8a391ccfef5c56f89d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f200c0f007d32ce83c2412a480dda2e

    SHA1

    287715dc8c4682b8fe139a5ba02994af3414fef1

    SHA256

    ab8b35a14e036f0266b537152799a9a973457a78147f6391b55effd1eb133a70

    SHA512

    53c3ef382eca5e12283e3f93b698a3eb668092371d75b0643bf8ba956237efe949ea26bc3de5ccdc2d791c4f689887d94f1c3007444f713fa45e51868d008027

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be0a43a96c1b763ec5ed22d2d9d66198

    SHA1

    cb640d7fb130acfc3e1eacf6b5ff0b9ac31f2f5b

    SHA256

    1e245b9b9f497c28d414fb549d11975e16e6d78cf8c202fa4f2b75a71fca0623

    SHA512

    2e2706e0d3d6a7b3131aa753531e2e512d27655d73e200166299da97f72adea69435cb4859ba81e28c9cd6e60ffe7d7394301c88e29145ff15f9303dbf248f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c160a7022fc1478a1ee4fcd50bfb7446

    SHA1

    c3c564b5648922234814cdf079b502706a6b8496

    SHA256

    8a8d3fba5cdb3abf0d4c80e694fa52130177580e6da5e580385a6015ab336694

    SHA512

    4138c582814dd8af680aa39f58377a9d4fc944ebbe0a059789231fbebbc1e0087eaabde1b8100264e4b0a37acd399186b2ba545f7f3a0e3d8c879dbcb72c7a32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c5ed11af02b4f08dcc60e54e3c71db0

    SHA1

    1a0c55b43826e3988c4bad8d28717ea6d83c0817

    SHA256

    2d16ce9cd1c67e2a9e861a9732acffae571f294e1553c775f424629a89af7466

    SHA512

    32d474406e1a4724ef3ca71a09646e953e123d25cc732b5f8ff6732b74e3423954e9b4c1fab13540ebe0b2ac60a88b93692f63eb4b6ed934f60350c517b9c369

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3976a1d4c920ce6c7df6dc443c0f52d

    SHA1

    d8f9fe72d9718742b97ddc7e235a624d0b0064af

    SHA256

    8c3bca3aa3f533a526b865b6417d8115c091d6254991eee74d9fe00e8c2ba10e

    SHA512

    ffe9407600b956d69358255219280e8c7fb2bf465cc9223636b24fe8e195a2a34cdeec8ec0dd2d292e7078ad11c724d72d20c9917e033f05c7d6357db01a6ad5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    370d178f9f6a736f27031664651520aa

    SHA1

    8600809a712edde51c5ca0089c95ea074af32eb6

    SHA256

    a1aefa7fdbaa17d6cb28543480dcd0c8ef8010fc58dc82847b5f6bf530b53efb

    SHA512

    7ac7a2882db61286df96cd515fe58afe18878c6d5b41c7ae08bc566546882507b04cf7c64883a5eab7ee00f874a1745b01bf6c7a221b85c7a362f9d27c330f99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a56032b569f14e18014e02f60ffd5c2

    SHA1

    497b63256a756e056bc0797a1d2307113f71ea95

    SHA256

    13c185ad59363bb9433306b3e4648fc559997311c8b5548333c5bf5ec6562857

    SHA512

    b565d25ea87f8fab97625d12fd6b88198c5344db0b897d0085b00ee08bf514395a5504eb1f9617f150463a34f42a5b1dc89b424b848a676ab4f8a2946cce5cab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f04badc97b6cda6ac84b27143a377a19

    SHA1

    7af2ce59abc485d5e2cd0438e34b3ceade3547d7

    SHA256

    af958252c2dd2ce3e4b185c8b1f9e0450ea72fa74e1acb69949ce5de6487a3b0

    SHA512

    56f353df5f17b6b05ff532bac260c5fc0bd79c71ae45d09782ea6346829d1b36aa20e688073d55b5c2483a05772059575edff696274ea9baee1a2c8d334198d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a8bc9a9bc0a3d75d4fe64c846435ee9

    SHA1

    a099cf06c0a197059a5b317131bcb3b125d00d69

    SHA256

    acd2f9f1b2624378c8f112c3d4c2170d2c905f69c176176279328c37be67395c

    SHA512

    0a8d9d757c6cbd22b1c598f4c1ef3f6e60213b88c7cf3c90013383b1282a7ddb3cd1968de64133b2c25f08358dd5d06f72917879e6636e8cbc883295df48e1fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b55e03dec71420d94c6be8041160bf2

    SHA1

    b31c297650d2775af37ebe7d24d6e8ae2c54627f

    SHA256

    316c69f2c00b5739cef688533f7b1085705cf1efcbf912446a65e522ebbcb23d

    SHA512

    04d32b43b468495bc5eb8195ab91238a9706f5185f2cbb2ec4900f840b6a5d7e1ebc753b02b1f63dcaf6321cbe6b095416f45dbc39ae9d92e4347fec82680e45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4db5e39b3f88dfa26d6dff47091e34ec

    SHA1

    a7cfeb27db79d89a6f9594afb61074ff83ee04e8

    SHA256

    7416a752c88afc8d76210f9e6cccf2369f9431a9f13c769fe04b4f29d41232c3

    SHA512

    a1329ec85324f998b64f2dfd0916ea3ecc26f7427de53d33af902e6732a991bcb2205e2e041d6b39897928fc32c05ea81215323f312395c44ac75a0a9e3dafb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d1d89d2bac73add227032bc416df97e

    SHA1

    59e31fd2b2f9da73d8701cf441c04ae47253611f

    SHA256

    78cdc257816badec9c5f2085f1c950b8381c754bd01691b0bde3ca84a6cee420

    SHA512

    5fdbaf95f98e8bf1db2f7d4adafb9e2e97bb08d21980b932ee0612e405e658227e1aed1d2e3553fb0b4cf4a69d531903c25886349a09469fe12a79b53aa92322

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf2ccc94618e42f51ddbe00b7c0f4a6a

    SHA1

    cb29386d5df65073e396f8de6d1b1b3e3ee65c44

    SHA256

    8e8cde63f82355a7482e0188e124c1378325efbf0d697fc5ff8899e22f792eb3

    SHA512

    171c122cecac222079eeee0cfbe5939415aee14d7f09c497dca2b250b4dca9b9a81958480e1334ff4c72da9da1fdd4be5aa4c9ec3e896e43b6de058ec879bb62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d9bde3e7f5f06233a7edad225785c8f

    SHA1

    e91ddec5c1ca0dca8bfe475df56262b92173e894

    SHA256

    37aa907cab1646ce448e1c5b89f1de79b7f32c6e0869e7dadf077ffefa5d6794

    SHA512

    ced8b89be2714f2eada43f1d6c44e96db0b713e17e40b61a6e148a54da46642e85842ae26a3eebfd98b680bf264acd8b452a84c5772b97de7229bc4f6edb1770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15a6e65b094e6887e46aa5ded8c75873

    SHA1

    ed1c92ee37338611f68dd50116bdbf50b32a893e

    SHA256

    c93e2bca6d946cc285a40e968104881d8ea951d17dd5cfa45b43a68867f47f95

    SHA512

    dae2e508bd5507bf390d931f2f7f5eeac4e31281b967300f83cce6ab94eb73b4cb385b807ae9ecdbb9e6fb3f4a686678e5cf5c1bb60526bc59aa9eb13e86ac33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b8c250b90a233e05ed587eb1ede1526

    SHA1

    54b151696ce71f03cc951e53c353e363b34773bc

    SHA256

    fed5fc10cfe57d480e171501ff93e472585894ee64242689cdedbad81fde72ca

    SHA512

    2abcea06bea14382506284eb7d492319ca787075e1fffbd13da48f6dd635fec30a4612f3dcd31494b2ffc486e53e49952f4065e9b1d586cb0bacaad412432574

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3561b3e063715ca23de643ec1f0380fd

    SHA1

    b7425fca005679b576ac57960e8b9608f52c70c8

    SHA256

    87aa708d33ec1a30a81e26442a2bb391bbbd56fd26c7ac2c3c2dd5d4dc1d508b

    SHA512

    1e2016cacf47a7f930aa07725b7944afd395a0dbd9bc5fb846d76aa9a779e7b69ebc848a57fa5bcedc48ff65d7ac9d677afea4af3e8f05cf5328b197439856ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddee165603a2d93a08c9557380e2c8e8

    SHA1

    f88d3dd04cd1e4bb6b60dfdaa674b50fe725bcbb

    SHA256

    cfd53a33a3a132656bb4611df8fb95fe64cd2e01506e0810b0224a0b7d558751

    SHA512

    5b69fa6b83527cd7ba060dd9e675aa1de52c10419b318f6530636cbac03e64e011825538d839fcfa75f10af67619d2b5dcd9b4013fd76e85bf7b2106ad8696f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63f2830beda88d477fff085bc69ca554

    SHA1

    68664b707a0d0b4f85d558f7385ccd565da587a9

    SHA256

    f6c29e42511d32ccdfa7def91e1ba40a0708548c0c18a8fd0c442ce5ebefe475

    SHA512

    6db35164d332dc845ac54caab660e5e4dfabeeb960160b095767ca2d8f83520f0ea777e56e1367d8d97e72e34eb3fc1ebfab4feec823acf3c55ef12e4bf296f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab45CA.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar465D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1672-0-0x00000000001E0000-0x00000000001F0000-memory.dmp

    Filesize

    64KB

    Download