Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ChilkatDotNet46.dll

windows7-x64

1

ChilkatDotNet46.dll

windows10-2004-x64

1

DUX4.dll

windows7-x64

1

DUX4.dll

windows10-2004-x64

1

SQLi Dumpe...T].exe

windows7-x64

7

SQLi Dumpe...T].exe

windows10-2004-x64

7

Settings.js

windows7-x64

3

Settings.js

windows10-2004-x64

3

SkinSoft.V...er.dll

windows7-x64

1

SkinSoft.V...er.dll

windows10-2004-x64

1

YouTube.lnk

windows7-x64

3

YouTube.lnk

windows10-2004-x64

7

bufferGeop.bin

windows7-x64

3

bufferGeop.bin

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 15:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    YouTube.lnk

  • Size

    1KB

  • MD5

    c7056a1f92245eec9e5ca71f406c4811

  • SHA1

    dfd0cf087771943aa92e7e88114e993234425d8b

  • SHA256

    bde117478e44d3aa7d55122cf450f10b5af74cfb4ce82ae4fc6fb7dd414c2469

  • SHA512

    640987725389f98a39892bdb03dbb59f316227b6611c488665f2d166bd8434b34b86ad1d784c9b750e9d57b031ea1c1522be37822111683e2e8762213cfefa2c

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\YouTube.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe" "https://goo.gl/u4VrES"
      2⤵
        PID:2584
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2648
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://goo.gl/u4VrES
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2472
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2464

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      914B

      MD5

      e4a68ac854ac5242460afd72481b2a44

      SHA1

      df3c24f9bfd666761b268073fe06d1cc8d4f82a4

      SHA256

      cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

      SHA512

      5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      1KB

      MD5

      a266bb7dcc38a562631361bbf61dd11b

      SHA1

      3b1efd3a66ea28b16697394703a72ca340a05bd5

      SHA256

      df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

      SHA512

      0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      252B

      MD5

      a17d869594c30b17283a61ab454801d3

      SHA1

      5d469ec5e30efdc9861af2eca318fc775786c4bb

      SHA256

      6bbab794c7457f3fdefe63747c35a52f1d1e3d622fe9c735ee1377abc1125fa7

      SHA512

      0d8a9cb4dcc1b49d744037cc1aefa022fcd2234560ffb269695c489ff429dafefafb0e08911062bced08b50329fba525f40decff6657ac3b547ca6983d6c1dfe

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c015722b0e3199a3a2fe902bef1ca9e7

      SHA1

      1f43040048a71d587cb81251a547e05e905173ab

      SHA256

      0dd1011e9e2598aab0ef098b5327a04f2ca2cbb5e55179160ed7ea80a959ddbb

      SHA512

      c4e85958a282a5d0e5bfce2d446178c923068b388c8a3118ed1078eb4578aa50bf317aba33607c4033b0e1af55989ba200d16ab2994b8bf6c2cd4613426a1d10

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      e8d9d6c29e2d7e494f5409b678eb41c7

      SHA1

      8aa5f7d8cdd82d4178ad1fbcf8367c5b5a05a8c7

      SHA256

      01314c666ae5b16f45e955c7247a5daff36a9075ade984318ffeaa71b193ee79

      SHA512

      47518f5a14b4208c2c9af82ac043c7f61db29f8e72940a350d6f911d376d2ab2417b7dffdcb47263eb93f57a3753e0bfb335e76ed3b11b4daa61325d2fa2fc88

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      fdb8109152873f357cda3c401d456213

      SHA1

      1f7ddc428f1de954d34bfc2670435a38bda904d3

      SHA256

      bc0fffee726c1f271cfca15aed5ad576203b32a466432a0fdc0e2ad30611ef63

      SHA512

      fde37814386d0b211434eebdb5712f203ece2be458f2b4c2aacc25732bd4b1e26d46f467f77b6da7f7733e19eae156a838c9a3f83dcadd9dcd2295756452e49f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      339af1e3bf7f6bb59d73bbba116b03e3

      SHA1

      64cbc2695317471fbbed538aadab2a479859c886

      SHA256

      41f8164b47563c7f957daed19d9908d24db02e354ce9b9ea6ccabe7586de76c6

      SHA512

      0e7fce585b109650d5adfdc1e8ee4b76db16eda1a372db437e6635a45cb8cd25da40b64aba3e4949aa59cad54d9d5c82c6a88ae050b2577e1ada76460329b4ed

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9c34e28c465a2b498c386c47948497f7

      SHA1

      f36f11b63538c6ba0539235125082c6b2d78783b

      SHA256

      a099a5dc38cf13a024f486a43f46439fc7779cd1a981a91dbf7e824d73e8c925

      SHA512

      626ac55df233648cec2839394ac8ae0167a6561df42b1e68ad738a20a81189beb1dc8660e7d27be893516b9bd0d99362e73a3a5c282eec224c90184d3dc6ff4f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      2f5ebd1ac3ab50ead0d56573b95dcadd

      SHA1

      e5ffc99beaf0d1a50975de78ce7ba5f715b1ced6

      SHA256

      e7f5d9f4e433c961fde61404047951c178d5dce86ca5fa164cbd481695870c20

      SHA512

      1f6c3a28eaad6e95ac85aaf8783ed8676041932db24f6b4329911bc14d58db391d19744d8738f320d481409bfbb0c97160708265b481cf1dbb4ed1d86921413c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b5d659882555235fb6c45c11794d70a4

      SHA1

      0c8c4c88281df26acd43167d85b31df781c36757

      SHA256

      f9fe60919df8ade811163e0ab16515ba0cda29850f99936ab4b3a7f329926759

      SHA512

      3cb71205808e8ceb22da1c22ff79ec3681b8f32b63b7094e1d0329363fcfa9a68ca014226a5adc169065494e906545a76a294d1816b4d6cb80167fbe59ceeeac

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      db98056b0ccd1b5b242b79ae160ffdaa

      SHA1

      51848cc726c84d0fa3080af6a3dafcbf6464e700

      SHA256

      0fc076f49fbec554e237fa296cddb6cb58c135ec82b84d33c34de0f2b617927e

      SHA512

      a418cebb03728d86d4b1496a6cec9f60ec885d92a9203c7960eae5c4063de029b8153b658164bcb1b9eb0aae578c3a3441def114751fe5dca9e1b2197e9a2c9e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f7899c035f45523264af262464a7e128

      SHA1

      e5efc7dee580e0837d4fe24617067adf8c5f2a51

      SHA256

      3a7459797cc33822963678d8d102e24a8ee30c3d584467c971b7ebf0f6e3a761

      SHA512

      45537531e4e96c4eb1e08d9bda3b64bb6f1dc1476d2df10f6d46cbfe9feb6b1d64ae99ee98beeb048a0ae9c1d94ce3a0f9435761a0cc57010e19a3fde5ac76dc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      71f7af81a13873425380d7c8e62f6c44

      SHA1

      30bd516587082e402bc816a7422458c497a06228

      SHA256

      7e81b8b13c1379239f3173296bc2958d87c336406d24ffe0d3fe84531329ddcc

      SHA512

      b0f76bd04a3b18be10084fbc2c1a15763ef34859e423469709bd0c73147dfbaf74998ca2654f8c706d9b751119b283e197a8e18abc98a5f281d38bbe067fc5fd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      26664c2a9220b001272268036fff2acd

      SHA1

      b52a78162654bb07a80ebcccb5c16d3377ef18e9

      SHA256

      448fa1204ce589665dffa87658f21523e402d4da1101504188fbebc8e2033e3c

      SHA512

      e1ca896bde16e54231d4c365d8ed03269b226b95e41df97b0bf0567c5339a02b5ab5ebc5d18e5e69be1e2e3c9f13b4f5b044ac194a9fd02e77003e90949c652e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      dabe4796904e3d1d99891bad3682e593

      SHA1

      42b33278270f41e52b0d57ca5e4a513327033b39

      SHA256

      917d0939c4f2f0176fec2d42002d3c2241cf319dc1186f420de2fbf071b93a86

      SHA512

      e75a98c37b2f87f92a137f9a686eed14ce9be07f9b47aa92e929defc2784158d13a326c3f70cd6573e676060565dfb99313b2e10f07414c9863496f4b130650c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4b5eb85c6ec343313a2c66fa99fbc48c

      SHA1

      2e30a20d3316b66c979afc0d98506fed9782a082

      SHA256

      06db6e477fb5e32fbfe716022c4740b431a358df87bc34ba368c66e699e23cb8

      SHA512

      01ef45e97beca4c2e733aabff97a79f4f2194e5ff41d98b9aecbeaaa3aea9bf099b93eafb12ca0e6e01092804cc87800fe9102d8092f7a5e04e49f0b062e4906

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      76ea5fa1f12e374da245ef13a9c943f9

      SHA1

      10aba365504100330d9228a2f4f293403dcb5043

      SHA256

      4f13e2474eec1e78e948353f0074ff88900df050d70faa66d700c6aa0582afe5

      SHA512

      e49b9e3dd05aca6069e74b4bf675537fdc908648f0517b45c08a53eba1816d1d2a8647d6c29ad14b0f492b14cc46f9ffb2061addc2d72f79deb1492355799780

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b7ec6abe01c5c2ce8dd4b8a398996095

      SHA1

      c8d9c16c5b5ca38da6dd6cf1925da5b2180fc2f6

      SHA256

      8a430d5e6fb26b3184a22d23496c304526f4412e301a88168670f95d90c2cc8c

      SHA512

      646ba4c9c9c32f88b49f947d4e7799784f97ca725464ad6474606c13a22c17a2e3c04844f42f9de0262dd41c51b7e98ad5a1d7a29324f2406c6ba89a39d9041b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1bb6526637bc798cb6c77fb32a5004a3

      SHA1

      9aa4d871a48fa7998c6f9a0850c9fd39549db574

      SHA256

      2baefb2b43c3c9e0ca0e89971698662691e1778451b592ec9c1e41c2def89eec

      SHA512

      58f00aab5d3afc7a55143e6f884f958fdda758031f3ff4a68cbc957e31c4ac0b5548b430615c465757691b9e701e496b692d30d9e56c531766119b170f346e51

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      5c6489e95a92a5509b1ce4ca928a8765

      SHA1

      0494fa4e5a4d17448e601855e74999ce6cc3aa1c

      SHA256

      a2d65d19ec1563618496733663bdf9a58beeb1748aa4747fded628ea2b8cce30

      SHA512

      011dacb0d0193dc9ab443a35dcec963638f768ae55d8784fa3557bfa20fed787084c0f6661083574e2acc5ead2937991a977e6ecb056aa2de8ac3d8a365fb3ce

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      242B

      MD5

      616f469bc919c771a2ec79bde7a94db4

      SHA1

      640833215d94e850237b1ed114e9a9c7b7be84dc

      SHA256

      4c8b54a930c38d95bc6001cf900bee711eb9be069bc1628e51ab4dde12208f57

      SHA512

      b0120c06648e1c25eb2056beef5965ea12187f26c71f6bdfff2befc8b85d3525b6cea1c3d26da2e8dc5de35435bcbfc9e9478d83adf5a5e9de0f3f1ed0c6ae94

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\LVF1EF1P\www.youtube[1].xml
      Filesize

      13B

      MD5

      c1ddea3ef6bbef3e7060a1a9ad89e4c5

      SHA1

      35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

      SHA256

      b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

      SHA512

      6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\sxsuh4u\imagestore.dat
      Filesize

      7KB

      MD5

      062630e55e8d5ae743e5fcc712f78a65

      SHA1

      220ffb8a693db873884446449f980b89354d94e3

      SHA256

      ae519acc4a39c3d4fdbe321858304d707e5f28fd991f1d244441b303b5f6acef

      SHA512

      31bf5c62aa76492d02a2744519e751f2fa5d45af8d13b6c9fbf2f49a8a0de388961f416188f26de3866dc6e7c9a5216ede951f90b94ed335858c7e73af357173

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\sxsuh4u\imagestore.dat
      Filesize

      5KB

      MD5

      dc4922774155534832eb965aa06f48d3

      SHA1

      4443da3976215133e0e4417bb89ac172d6e488e4

      SHA256

      b4acae4c677ea388abdaf1ae9883cc569002d721ed935d15ad93d7e67e5647bb

      SHA512

      853abe83bef696a4f89df49ffe47e2c791e1c57c46f683901140d77e31dacc41cdca0cb8738e88e9cbbef0bad98e78fcc78696a6793e8ec2a3271d05e2b011c3

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\favicon[1].ico
      Filesize

      5KB

      MD5

      f3418a443e7d841097c714d69ec4bcb8

      SHA1

      49263695f6b0cdd72f45cf1b775e660fdc36c606

      SHA256

      6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

      SHA512

      82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\favicon_32x32[1].png
      Filesize

      1KB

      MD5

      12430f012c4b6b4a91c63cbf1369e1ff

      SHA1

      a8502ade0c47e23230e5da9d5658ec1f1da309d6

      SHA256

      079919e3400ba9bc0d569f5634cc41b2fd1b8e7a721b2b473d21f10fe2fa7f6b

      SHA512

      17b7564088e12cd64ae79e7179ef4b26941370dc442528cb08320fc0d40bec88d2b77124624685acf9ba974467e27a7051703761c6fffe5468c90217cac5a4a6

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab35C1.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar35C4.tmp
      Filesize

      171KB

      MD5

      9c0c641c06238516f27941aa1166d427

      SHA1

      64cd549fb8cf014fcd9312aa7a5b023847b6c977

      SHA256

      4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

      SHA512

      936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar36C4.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit