Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0f562ef020...18.exe

windows7-x64

7

0f562ef020...18.exe

windows10-2004-x64

7

$APPDATA/�...÷.lnk

windows7-x64

3

$APPDATA/�...÷.lnk

windows10-2004-x64

7

$FAVORITES...÷.url

windows7-x64

6

$FAVORITES...÷.url

windows10-2004-x64

3

$FAVORITES...÷.url

windows7-x64

6

$FAVORITES...÷.url

windows10-2004-x64

3

$FAVORITES...Ø.url

windows7-x64

6

$FAVORITES...Ø.url

windows10-2004-x64

3

$FAVORITES...½.url

windows7-x64

6

$FAVORITES...½.url

windows10-2004-x64

3

$TEMP/A±�...HJ.dll

windows7-x64

1

$TEMP/A±�...HJ.dll

windows10-2004-x64

1

$TEMP/A±�...Io.dll

windows7-x64

1

$TEMP/A±�...Io.dll

windows10-2004-x64

1

$TEMP/A±�...Io.sys

windows7-x64

1

$TEMP/A±�...Io.sys

windows10-2004-x64

1

$TEMP/A±�...er.exe

windows7-x64

1

$TEMP/A±�...er.exe

windows10-2004-x64

1

$TEMP/A±�...ll.exe

windows7-x64

7

$TEMP/A±�...ll.exe

windows10-2004-x64

7

C:/Documen...��.lnk

windows7-x64

1

C:/Documen...��.lnk

windows10-2004-x64

1

C:/Documen...÷.url

windows7-x64

1

C:/Documen...÷.url

windows10-2004-x64

1

C:/Documen...÷.url

windows7-x64

1

C:/Documen...÷.url

windows10-2004-x64

1

C:/Documen...Ø.url

windows7-x64

1

C:/Documen...Ø.url

windows10-2004-x64

1

C:/Documen...½.url

windows7-x64

1

C:/Documen...½.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 19:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $FAVORITES/ÍêÃÀϵͳÏÂÔØ.url

  • Size

    142B

  • MD5

    75819e641311cf416a2e2c7e77adb856

  • SHA1

    fcb4dbaea6e4f2e08bb48a60364f6ad9981b89a8

  • SHA256

    63a38655e1d0d4494ad75daf31aa18168a525eb0d6444ad9a04817e313a28cd6

  • SHA512

    be94bd0e2f0a0e6938dc662f8597bd13d7b2d4b3f9c050facf7710a8727c41350296524c432a474837c28ade8688a9d3d55e299c6daf9d28ea9bc149e1ce6f09

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\$FAVORITES\ÍêÃÀϵͳÏÂÔØ.url
    1⤵
    • Checks whether UAC is enabled
    PID:2068
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1704

Network

  • flag-us
    DNS
    www.dh234.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dh234.com
    IN A
    Response
  • flag-us
    DNS
    www.dh234.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dh234.com
    IN A
    Response
  • flag-us
    DNS
    www.dh234.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dh234.com
    IN A
    Response
  • flag-us
    DNS
    www.dh234.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dh234.com
    IN A
    Response
  • flag-us
    DNS
    www.dh234.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dh234.com
    IN A
    Response
  • flag-us
    DNS
    www.dh234.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.dh234.com
    IN A
    Response
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.8kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    www.dh234.com
    dns
    IEXPLORE.EXE
    177 B
     177 B
     3
    3

    DNS Request

    www.dh234.com

    DNS Request

    www.dh234.com

    DNS Request

    www.dh234.com

  • 8.8.8.8:53
    www.dh234.com
    dns
    IEXPLORE.EXE
    177 B
     177 B
     3
    3

    DNS Request

    www.dh234.com

    DNS Request

    www.dh234.com

    DNS Request

    www.dh234.com

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6dbec7cb1d8f98c1f249f75c5e68423

    SHA1

    c6e034834757a6d0a5809b5ce15ef20af953648b

    SHA256

    8f67b4bcab08ed397b3cdbe368484d378f92f2af28475c44d7e313ba67faac37

    SHA512

    a10bf41166074fad6df0907f932e8ad2afec0cc18aef2d782cb29b5e19ec9ff05fd30466e6a509766ed36297bc2c76648130b8ccd5ac75518ec03e9eccdfc728

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c2c40f965738512447b4efaa921be82

    SHA1

    99ec442fd8b24a26041476ce3f49aee1dc6b0836

    SHA256

    2fdfebc88256f9c4367748547d0ffc8c73ffd395bff9c73f734b545c035d2f77

    SHA512

    57ca9ae43a9b7359beb4ce2593a8458bcaff3cd7ad37fa87fb905d428ca331dd233603945d88cfade847cf02093bffa2acce4176dacfd0ed91c4d13d814d1d0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    693ed7325e7ef5b68afb2046be22a098

    SHA1

    1507746288af1fa1aaa7129b7d3fbcd93d465dce

    SHA256

    7b58e48b33e478ea0ff0260f15addfc44f8f51655832d88a14853821e189d761

    SHA512

    829ef0f3e42663209ee26e59bb25ddb3918854ea7c0a425441271eb59b1d5f24bb11531bfca5d514d8d8b83e5b005e7d07605f39efa4d4273a79e7b22feb4587

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6238a4c94cdcb2d18c288d0ec9590a1f

    SHA1

    d4e1f28585d979c291d2ca2c1dda6d1798b4dcd5

    SHA256

    2ad388508da1be1e7523a3485fb2cf88c2a3904346a4134d1655d11b894892c1

    SHA512

    7798f6613fef32cf00c96828c92f4c5abca33744c415b418a78054356d0a34328502622124d25c44de0c328f021260ed147d02d23a5b303c4f4cee8f0d1677bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12aa677f3b13bef1d4eaf52cccf8fea1

    SHA1

    8d4e15a3bc0edd7bc9e73b98dd887fe0fcdc7c25

    SHA256

    b8cdf239f732b9f4d6fb7fa07bf0a0a4cb19152ddfd77d160d709830af3ff58c

    SHA512

    1749be308a4e5785218fd8c17f4ea2a0f71d1c3558f8dee1d2c1e49f9035e6099968d5e0b33bf8b68cb3bc49b1a2c9337b5ecae8f9514d63a21e71e2a7afba8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7b8cd6f3a6a7f27bbfe4a749dc72e3a

    SHA1

    b32ad56f9a648f1c18856cbcafe063479248ec69

    SHA256

    9c77e3528c53948b6ec3ec278c074959ff7a3df1d7c66c17af83c4955466e436

    SHA512

    9b92c8e7b137b9f7c356a69b483ab68342647e0959946cd2ab3d6c0b1575792becffcc72d659b127b741ea8b40ff98df249455c3dcd9d4b1ff55ff08f655218e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d89b788bbef0844f0c803e7242f7e2e7

    SHA1

    1346063380b9601e29698e089bab544cf070356f

    SHA256

    1025885f576ceb23fb2a34f9bb53e7b4fccf7e9f9f14861282742131a8604656

    SHA512

    1ad35af0cfa7ed9ad38ac564b6f258c4eeca4f91a0fd061210409d81762f94d7112627024b3c5fcf30bbc3c96805f4a66d8f1fe4dd92e4de1e10ad63fd533869

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc9e6f4ec25f80b8bd997a45e89c1e0b

    SHA1

    fee118bda9b77e0fde11309e74eb7d146b16776a

    SHA256

    72017c69b151a966604b34a88dbaa7cf5ab47106d081ff6e7d95e95764548a09

    SHA512

    eef291a434d23a7ab0ffdff4a4bb081dbb96adafd955a0642ee81d80cad1de7381b76cd8c9680d1f2ce502c510055a274cc296657f6c6d59452e16b020f393e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29101182eea27ba1db4dfa1fc6de2466

    SHA1

    d802fa9402358d63c4b56660307d751d49dbcda4

    SHA256

    3817341804da947a25c85811702e6be2deb0692000c0b6ab23de0803231c9f0c

    SHA512

    231c3e873f452480ca3822d655d6c1763c29bf452e7556e1350931e753cdab5f0e0f7d6228ecb1142bcd522725449ddc42e59d333555483128b30027416a32a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1041d3bfe84f0f3ec0f379df9ca64aa3

    SHA1

    730513f4428ebfee79ac6857e9b7f390a69f096d

    SHA256

    12c9a1d2687bd2e5cc0ff4488195d0365078a690c6d5cdf483213a8c09b6d9da

    SHA512

    e2c0f37299debcf4251e84b59a12d3b923661856f03eb0d5a7ec3504b9c67f03bde711fd26c7aa769ec0cfae6e042be5547c5cf5feb8406b77d5302da62ccb99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e83b42bb487f5cafd2320a24e913962

    SHA1

    b3f82b8dc2a162f49d80d66bc88da678f7f5f7e8

    SHA256

    d9bd0ccc8f73f1669a34efaa80ebe49974e517c9ccf8d98b866ade1eaa9c1d3e

    SHA512

    d408ee1b5c4756e7f034b2dd4c1adac12b52032882eba4a95565838a78e9afc7617bd10e13436b81ed0ace95d09f7d5c93051f8abf0a5950c51625c97da37aa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd1bfbcf221f16add6d0b845502555f0

    SHA1

    2f421d4ce759a5cbcec6dab3c9413ed9e8bcbb8e

    SHA256

    170c2e6781b2dfec7da411370784d0489646f5a08c9bb911465e3de59e3f2555

    SHA512

    60f6d2117a2bfb74d41d93028a95c4456a601859ab4e7b9180155fbaafb21723ff16c1a4d21389cade0cb4eafcd320f3e5aee3efa8f986b4e641b6ab4ba531ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13d4abf5222a0cb38a2b7068f851e740

    SHA1

    6d394cee678ebe81c29e355baf581a9f55fd7d28

    SHA256

    ea60f6a19a6e25389b4038ed11d488e7c44c575b2374b03e2935180d95598b14

    SHA512

    2badf09223e36c88b0951400e9d4e2363e12b1286fc83ff782a61111dccfa238bb54b315bdee5e45dcfef9d98ee0c4f7160ccb94373cd60858872d43de7b10da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fa6f0d8c54d7104e0f90f6243a295b2

    SHA1

    5e032d602825e3a4ed68fbcdc0bdb2d28fd3a184

    SHA256

    fbb3195cd5ea732bf29f09c5a203b4dc1449831e4b7b6f52d07c0434882d18ae

    SHA512

    7432d06931508db0284619521272d8f402a8dec536563aa1753ca751240642cf14ab3116175ba41446efc9006386a48b5f73ac5ef413be5a3163c3b7e6efbb5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    894a4041ceaecf5c8858b629df72127b

    SHA1

    feb12fd7fac9b6e61f5f5a4e707761d1437d6b95

    SHA256

    fbc90e7b38d957685d335e726579ed956f5489a87dd76ec19743662d3330ecb3

    SHA512

    cf1e5b5869acbe9f1b5870f3cc8fec6ed46bbd67dd791033631113c5107568c2785cb3aee2c89fbfc9abc7dfad952ab6f7d3f9d27da871849feb55421f066960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba154401ef6ac63ce4b1e584fc0f220e

    SHA1

    761dfe1b2760ac4ceb10a46402d1d860009e11ce

    SHA256

    d9434e8f40e8a96ad57e594238e5a28307f579bac55af2366e9197400961f503

    SHA512

    1f98c57b4d49e609a9777ad684b40b8771d26fe7cb16f88094dea9c0561d9dcc681ddb9d84c50e6997f8572121cfc175b7346e4480f10ae5d7ca06e0605cf4e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54344f7bea1302e4ae2cea652fac0172

    SHA1

    d87b2d9062816eab019905dcb195be58ab7aa6c1

    SHA256

    9143ee202e4595cc260f60563659a0441d98791a937bb525e9f8d41dfb5f3370

    SHA512

    baac548b572469f5b0e86953ee0f66a4f531f4a00382a732e4adf863aaacbf5307243aed30fca94205a5e9a8d8d399dc7fd96bf61b09d78a025fbedf526f26e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cfc60fa6c4b57280a11273e460b23d7

    SHA1

    fae730c7435a895ea981a6ffb035331fe3465bf1

    SHA256

    a1c8b63b3d81b6038c029cd0a3359fcc90403862f74537d9def40efefcaa4d22

    SHA512

    aa4efce9bd05099c6e3f33ab5fbcd9694acc0e6c64ec98ee0d1abaf4936cedb9879a1b1adfc79a8e0f6826549e987b48740e94e8d6a51cf893ca8b5fb44f2ce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fdbf4cf949719111274521c1b70f13f5

    SHA1

    24a642d457fa84c676e9982afb5fc1ee1f04b0cb

    SHA256

    13ffd98eae7cc129118d5234d3a6d287d4016b60beb1f84b0351127c8e6cffb2

    SHA512

    c50a511b255df5a906d65701529b752a75deccf1eab2aa6fc156f945cb8944f55c9073618c8faa45cf9d349dbfecb67245b87a809df1990be371eef7091d436f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c715e32f04e7f3c010b0b2e836b6b8fd

    SHA1

    1079121b24fc63c762f9e9f83ddbb41a7b57828f

    SHA256

    6096415a4954cc9f90d90ae148f2cd5cd2809db6e853ba4a599808259cc3e308

    SHA512

    8f15b9a02ffe4bb7325f9738247220833dd5dee56eb999f9706ad284a1d77fd9728f679189dd83a2a16da766aaa44f96ec9bda856f3b9bcedc3b1352eb96ee83

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDECC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDF8C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2068-0-0x00000000002D0000-0x00000000002E0000-memory.dmp

    Filesize

    64KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.