Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

9b878500aa...62.exe

windows7-x64

3

9b878500aa...62.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 19:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b878500aa7efbb09affb64b8bb542721611925559cbdfca1ca1e5dfce492d62.exe

  • Size

    1.8MB

  • MD5

    84fa424cd43cdcb82f723e617f078c5d

  • SHA1

    722bad431ae91b720c59d2ca97d80178e9a55935

  • SHA256

    9b878500aa7efbb09affb64b8bb542721611925559cbdfca1ca1e5dfce492d62

  • SHA512

    3e3dd5c329a90b6e67c0e9ed742b5488222e81b9f860767e9dd331fac6b97791442ff301cb139c96e17a373701464d9a87ebab43526ebc9249812717be3b5405

  • SSDEEP

    49152:zdjaHjZcFTfSErNmY4Lbup1Dqekmkj0+1:BeHjZcFTnrEY4Lc1DUBj

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9b878500aa7efbb09affb64b8bb542721611925559cbdfca1ca1e5dfce492d62.exe
    "C:\Users\Admin\AppData\Local\Temp\9b878500aa7efbb09affb64b8bb542721611925559cbdfca1ca1e5dfce492d62.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://hao.360.cn/?src=lm&ls=n52ea9e9193
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1664
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1664 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea05bd634e42f3a77b5cef8b1dafa09c

    SHA1

    865ad4fd26af7800c937678e701b9bb2c1f6a25f

    SHA256

    25c12888143cb8e11ca74fce2c6e82004bfbbf6109eb88c4db22a5551de8c5a0

    SHA512

    583a4a469ca7a869c9c29055f040052e88bcc1f8de00ae2710b1cf698e6598bdaf95df1996b19f08bfcea8cb5ddd514daf8c7447ca453b3a40c2ab4773b789c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e9dabdd826b1d21fd124334f89ab6b6

    SHA1

    e6ccb02ee2ac438a6ddc62d1f11f89b3bc9c5c3c

    SHA256

    4ba013e449b703ff30df3ca6bfe43958d5e201ae1fa7b5f6bb9384ca76e57d0b

    SHA512

    b002afc93ab8da0fd0ed7563cfbfc385e5316fe8c094c7fef4ad210e3683ed1e0104f417c005c4a4a89fc40d1c80a3f84d711a206f202437aa3c51dfc1b97447

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fdda677623d23221f8c8147d81cae32

    SHA1

    18f429600ba9b87cb1256988d78b06c446602d80

    SHA256

    78eaeaac0d060730e1810020b5399d50bfb0a4ae32aab2fabb43a2cf4963184a

    SHA512

    9767d9087571cc6eb808c71a9ca5ddde34c3ea48b9a72b1f369bf841ee15b14f18bce80edfbdd4263929f21ef2f83d06d7d6d82fee803f45a3b4092932e4c7b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc8c6e5315e3e49b9fcadb06ddcc900d

    SHA1

    d23512042fcea276756976cef5b1fe32ccf1d84c

    SHA256

    bec4d553c517e9a6d8a134cca874658eec2f087b7469db64b22d2e81acb22827

    SHA512

    1d556825eda572d4c793fc4d24df3293e6d26aac57f9aec343447ba992f534c82459320e75dc68605e75c56e068067b93d2381c789573b16dfdc7a71f78b73c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b2db7b280e27b81e7cc91f225bd788f

    SHA1

    4e23791571abdb8d6c9552ab8f0e7c6da74d5be8

    SHA256

    60d3dcccf0156f337b58ab9201f191360db224117c5f2bbd8cbb854fd5de1f23

    SHA512

    805a3fc91391ec31fb74a9e54347e4b7b3e3e8266825ead4b345c467a14ab00e0a948d702f5e60655c66e8f710ab210e5f91f7a547195be245d1e18db975fe94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d02b7e8508eb9055682aec1c1e67ca9f

    SHA1

    66d9ba90808ba0a55a39fceb127ea2d01be965ca

    SHA256

    f1b5e348c7ae60578a4c9b90743907aa4a1d01753e2ef4a4463460091935319d

    SHA512

    b2f299da8e859f2908b44f48c0623565f7c5045ceb372db13c1de6b55c816f108ba2daa714043ff14dbdddf59273f943154328a6bdd6948ab6100c5e09c579e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b351ed5b9213bf3a9264092b3f51f21

    SHA1

    720d0bdd9db9bd1397e5741fd1bebd92424011fa

    SHA256

    76e0f256ac43305c89af83fd56bf9d390749d87369b33e881605385c8a4d9467

    SHA512

    de854f799aa8a9d100dcb69597cb503233f6515edb1f2f24343b850d2ea69d96a08f6d1db030f12b2b917758ecab83c5d50c07bad4bb300d40fb5864bc344d87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55dbed6327743be443e0e0d341bde81b

    SHA1

    c709bffb8f3ea18fd7ea67b927ecb7022e4ab913

    SHA256

    8aeddd8ad826596243fd09895462189bb301b1f3cd74a6634f17364a6b47a760

    SHA512

    3a816b2d171ad990a675df83b8cd90f8121b68b15b0fe4d49e6b9a2d663fb5aa60f6a604eed61f5ed99db29311c0807847db6a072d164a1c0acd33e2c905ca5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    502d3ae10fcd6c4db72cab82df59d5e5

    SHA1

    bb3bdd9e6be5ca872aafabfa37dd0bc11bbdf7c7

    SHA256

    8addac00ed43355282652891235a57d4e9d0941e4ce0353ec72a851c84934ba2

    SHA512

    569979b71c1c86303f21496ac5731ad586cd185875145ccd5793d9871b7ddc13007ed7182ebd82e2d01ca1459d2b01e87545848512a1f706b2c36d46339b3557

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a1a170614bd7e2598b17349d98259f9

    SHA1

    4d50c502ea383adcb7c2e4a297f00635a95323f3

    SHA256

    f280bedb7e8551486f20b950ee5e29b700994b5df9cd25c7a210c41384db26af

    SHA512

    5cefd5c388de9440d6c1811b69b71e379e5e98a0bcbbc47e844a1e92d0b8d7a7d4da4cf96aed7edf053903c34f576784c447d5db629af9ca361214f1e3c0cef8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ad298e526f60225abf405c21b74958f

    SHA1

    01bfca8d2bfcad175ed1b67dc557288caf913a0c

    SHA256

    89d819efedd4a8898857ad6539204d33258fc71ec35ee74a90976ac28df5ecb0

    SHA512

    2575f85a430da9508c274e66fe7f6264f63d5da4507f147f6c089f0291f2dc7857145a87fba684a2cf37080e6064705b80005f70d50ecd0cf842cef5509905ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6d96aab6ca72af2532b51c693d3fb31

    SHA1

    ddec59f552acb67e9edfb0964b509d10e4ea89a6

    SHA256

    575a157a964f33266c6b5613e376f32c0f007b82844a419f80ee4564dc209dd5

    SHA512

    45ec89a76f4b402bd1493c79c0313dbe6c1a246f01dd90e37a1f20d017f06d2b89e63ea4c52ad81394b704da2e8b35abd982355de244e46d8b8cc88ef47ee15d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03adde891794076840065955e61e58a3

    SHA1

    ba63f02898fa1cfd2f94248e824770a9aeed70a0

    SHA256

    e2926c2b3f74ffd59df9fcaa700f2dfdf0725b12d322797f0a6ccd33b05438ec

    SHA512

    1a76bec9be64d68146495b9aedaf8400ff59fa3a28edf6a1cd3b70202c84acb323f14f68f8a14b196c314fa45b090fa44932327c385c65b89ba47d0bcf6d28a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3ba8803b5b8dc9a72c252fc91ee7f45

    SHA1

    9021d06f85b287946ec8afe5428e075071327501

    SHA256

    0b699c7ecf9f4d0341282dfda1a8ed72b84c1ca81f1b19a0352b4d9289dcf6a1

    SHA512

    8a3849008170bd99d54faa7ad249d4c03df6c5bc7cbfce8a882faa99cb3d261e57bc2bf6b9fd09124c5a883c058cba25e218da035d29f7a3efb056cdfc4aaf6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fde08ecca9a015cb61e577bd5a14b646

    SHA1

    babd8ef66f081e035da4f1699ae7b51514079ccb

    SHA256

    2c65affb8c5c450052f415f921a3130fb86f940a6884dc9b4960373314d92b2f

    SHA512

    fd8a5d722c1f046ade5aa91ab416c283882faf5257cae47260d44c66405960060a1a90d5f67e063ebf9d3018a633580ff4f6147ad7cdfb1ec7f5dd360cc89d50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd9e281a78d6e1886f8f25c03fd8f913

    SHA1

    468fe48ab647f1014eb7bb9bea74b038d69bab93

    SHA256

    c7e192d78fff2649dea4ec7feb64ca6fa611745593c44aa61bc0a04ebcf8b007

    SHA512

    d2bc3c4eff36199fb340c3e65bf9d1e881bce0189d2871ebddd3378994ea259eafc96e3dde616f099f106b38a7ee8a2e12ab14e858eddfa765896eb583fb3e25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69a893f92f29a73612c390660ff5a56e

    SHA1

    bd7a0f202e32a111d43673745a4dcd703e87d28a

    SHA256

    df11916e2600682f3c88ad63606024262bfd847c12f3558e952ae4853d28ca42

    SHA512

    1b1d1a0b24c23cfd327a73f3cb13121d6803b987a08103c58fdf73833d541b821ceb4018e2e5346d70a28605234bc2fde3cfdf912758ba839e22e0a246ddd79d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a20e2a61216ce80c2504b1151ce9ccd

    SHA1

    018962fefd225de5ac831373ab9dad11b242e36a

    SHA256

    fe7929770ddd3a3bf0d70560af61269bb158422e20c306f357501a2fed2741d5

    SHA512

    f3cccacc590de574c8ed95b9c7446ef8ec4a430c7e668cbf12804219c17bf83bf479326525b7252e29ed8917dcc273bce8fc3cae0792bbf0c914f4a1e33d6348

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC78B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit