Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

25a5ef4ca2...18.exe

windows7-x64

3

25a5ef4ca2...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SMPROGRAMS/Internat Exp1orer.lnk

  • Size

    1KB

  • MD5

    9ffaab5f197ee38cf1fe65e19d4bb217

  • SHA1

    39ee57d785cb31b75fe79879ab5dfed14eb1a28e

  • SHA256

    6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

  • SHA512

    eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$SMPROGRAMS\Internat Exp1orer.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.113w.com/?waga
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2604
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2604 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e5808cdca18e5c25432db0cb98c1247

    SHA1

    35523c94fe79a0896b8ba6ce13cc0a6a8417df6f

    SHA256

    29099e156a237737f281b7f6df9691ea243c6912a4edd58996856d0aeec6ce0c

    SHA512

    5f4b510af0c1515ad99490ef342756a2d4d3e2b0f254fc3f17eafca9d672beba00cf506facad2acc42674728ee97c54d11f8fb7064d2e46c3f0fe94a7440b29b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ca6f5ce60c6ac66f351dd91703de883

    SHA1

    c2f15aa9b3fc33d8a60338ce2551c9869c6f3203

    SHA256

    8036961c842030926d9635df443b3d1be195884477e4fc194acca0889ff13ed8

    SHA512

    a59923b8efe7dc2097858ab6fdb456098fd9ec57c066ca803d9075536dae7908d9c4ee91dadc02bfc28fc0d64045de9bb09a0f2187151ac4fcf38980eed09988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92f7e8a8809c693ee7aaae7da89c056b

    SHA1

    b0285cadaaf2a038ecce4843ae46df2090ffa948

    SHA256

    936c7b7aa94d712df3f4d045257e6b76484e4991f92e5136910e3cb6dd509a63

    SHA512

    2ae5e177339bfbbe036e8505dfdd49ad8a649b52240e33ca975efb19320e6e9f28be872eb2fa490e531ffcf4361f609b11a994b7735afd471b1443218abcf2b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af02fd2d67d32d86cdeed30d180fc8b1

    SHA1

    18685bccbeb336a6105de3b77f413e60619ddaa4

    SHA256

    17cbbc628be2d9829d6304ea06e0ca37329c7c0244bcda26ecdc5bd94c6a5797

    SHA512

    f2ab656890efc9b82310aa928a2d799ae2375d2bb9b5801f1f30f42b3891d449ae8b59b729b9afed412658ee6b9d199336ea0eed581091cae7bb071423381fad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    071f4f6ea945f0c60575e02f8fc1b42b

    SHA1

    3ca3b614b95615ae09b576a0730866a28972267b

    SHA256

    4bf5d7a326c485e917e8e90654ddec98fdb1bf81bb99c6726e639756a474de98

    SHA512

    684a05568e293af8699452a887c9d13c55daed074d6609ae213bdad5256ca6afb213d5d816b96ae4c54e7ecb65162424f9cbe55164e1af8d04e9dddb93d68f25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35282a94dbc6c6a749bab068bf84e5c7

    SHA1

    0f4aae59528986be37bf0592d3fcff90060a1e33

    SHA256

    15d503864bb407f11a0cbee5d100a72358b2cb87e77b3cddbd8362cc3c227d4f

    SHA512

    4afe04a66a9d5218bd5252e60aa1edffcc03fedcb08e9eb332acec5c0148577f5950ec72ceb448e061154f2232dc0ee3cceb3954a34945535442985566ffd376

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38ed199d5e2fdbf4aea219f3262763b5

    SHA1

    4d593223d4527fdd70cf2d1464352aa84120b9bf

    SHA256

    7c483aadee7f4b7bb757fbea7512e2587286dab4c6421f972e22f9f6e3b1937a

    SHA512

    568d9557b74084164694a1d459c160e5ca75a1e46d7790102712129b072f8f21bda58f1f084da2ff0bea036980ee8279f6ecb7b9efc21e597f02efaaa2d4ba58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae8af80f6da27354af5c6a87ff064a7f

    SHA1

    631558a9d1b892ded7a79481e74c1637bb729521

    SHA256

    7bcaa91790083d47a3e33537cab4803e29f1d75c34ffde1d5e2a048147437ad6

    SHA512

    2b5aea6aa52187407b70afb90b0c2f96a9c4729dd4105f6d6ed289c1432457550b77a802cdc4ee9b7b2e9b7eee667e89d6aa17752f500edd89b5678700906893

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28327cb5bb70faf0240edd76978e5c9b

    SHA1

    05c8d829026ab0df60269e7b16207ea36417c906

    SHA256

    cff74c42500fbd84cf913e9dbb7c9cf081205c9f26cd60a026822cf0a7bc1f5d

    SHA512

    b2e6b168b41bb94e0197a26b7478417c30fcea0abb103bef84d182c8120be4e1094a9179923495aaf1139f2acb39e80fde7726801a9f984dc6db7d6371f49112

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f6bc6602dcdfd0e289ecd4ccbcba986

    SHA1

    bfa0a89ec798e23ec66dd4257bedc726656188bf

    SHA256

    1c01558c3d9ac3061ab35a7bc1b2013655cc328fd56fe4140045b61597701764

    SHA512

    4d2c95c410a22d5ad9045851d06bf1c0c0a20dc5a3ec2483645e1cd3317e7e8fb77acb75e6ae85f1739eb617565a6900e78f4619636d1b0da8291574061e825e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    529b5b04ec1b49b258b1460553128c1e

    SHA1

    580cf9a399fdd58d3519c63c8cd82086203b8763

    SHA256

    1583ed763e321b060a896f40672ca046e7259492caecf21120541b7a9c7d58c4

    SHA512

    2fbc6a9adcb4cbb4daf090b55dd57878ae942eb7c678fbce06d04ea4daa0640e24ccbc53fd9722bc1aa0386a808698b2dc75f34f58cf233211309974cd78f8e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4d21a69a72c29c6911a83f3a726dd7f

    SHA1

    fb6960f2d7f3ee86a1c2ef0919653effa3fe8020

    SHA256

    aaf434d8219d234fd7f2baf30bfe7b52befc321f3187afa574ed2eaeb64f464d

    SHA512

    139287e384f0e2c37c6c6b3c7c954c8de51e26caef2c2c07e28e6edd5469c808f7f30ab79fd0bafd31fefe812c59e3de7d1478bfad85897fb3f3fca2c9c1f1c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0874f41df3ac2643f9fad50ec79a2245

    SHA1

    bd1dfe4f55a78df50d50d2e2db502bb4205e717a

    SHA256

    69b83d31db4e86095ecfd477b4b29f3fef3ff138b7b6ec78615f2178e3c3f0a4

    SHA512

    9ac70b0e10d58025a7caf8dc2570b28353675f8afdddfd7117cdb6648ec2354600114ef68e222414002402a48fd9edc6214a41a0134721620480e224951fa693

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b305f47c8257159eca92c3b3123c883

    SHA1

    c91de95bb2eb337f96e5147ce82a9b990d7b6209

    SHA256

    8df81ec951fd6f1e54c57318bdd351c8cb18319d5ab914b895d50267e34f9f2e

    SHA512

    d3a46ddf42f9f50e2e128b9da721bc5e66db19b08e9db477363577ad9495d5ed2ab455df3c64819601fc9e2a0f7dbbd3dae1bd05603b284c2992ba17173c3dcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    604eff330d7f55f8001714da038131c9

    SHA1

    bc837213aff4d5d110c195557fb1f55054004a4f

    SHA256

    ef2a1b77f90ece2159e5b6eb23a808a87d0f68c9edb90069153ff4dbf4223e38

    SHA512

    105e472251aece268266d1dadffac3ebb0b92c1e78727c41187a527f636b5a0b64eda57d4fdd7b4e701b83a8589f0e91a3aa0695b0eb0b735cf2252b4bab76ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08c9027310f9c4086f325811a03c20b9

    SHA1

    5e7a5b1c63ed53082e73a1fb4b40654635d4f5d5

    SHA256

    ee1eede6ba7be33a86dc4728f5039f9ed0b687ecb720bcd5b101314e464a9d2f

    SHA512

    1c70481b5ae3f93e674e60f5f4feed4570b717e9ea6e86dc3bc9224ad18f523f5ddac09b697570d695f2c4edb1eb62283df7b45cb8556ba953dd4717862416f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14a630a426d64ab58b52aed43e5a9190

    SHA1

    0b23a65208f2ad5fd88bc9f756e45e1504d0336c

    SHA256

    b8aee855ad7a071ddb647278f61add75633ebc929bc13133522c4e179f17bbaa

    SHA512

    d0f98567b15a1a2ea5c0acc633ee762633bbc27fc24bb63bf2062ed61e11627f6e1dc698aebe685fd4d77452bebd96724572f27c40e09ef5c6229fdd275a594e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc7661ce90a524d6c88ef521a54ec0cc

    SHA1

    cc518fdd7f3be29907d8ccbe50de9e70a63e8c0b

    SHA256

    ca2fea56b1297d289adb25d818d1c64d0393c7c7c57decbb959241e847f003e1

    SHA512

    f343a625591e7aab32e3d52507e4b8b23abfe321ccc0a359d1caa7fd63d00ea5ba83d2aa2d2d56e784da0d0b28eaed9d6cb217d89d6630424fceb9b38caa8195

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75d38543c9fcb1e36eb5a16b346fdb7f

    SHA1

    b48bda77bf480bb860074a454a6529c4a17dbeb9

    SHA256

    5e5d94e9dc1f44f7f303ce3b876a651d5dae1a3a629042aab79b4199434d6eab

    SHA512

    7c8f9a2b15b2bad5b82fa106bf709c5886d7073ee755dfdaf0979b66b3d44119c93d482906bde6b9225e1a035bee0b5bd0cd317abf96b4b9204c40c98b1fd6f3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA362.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA451.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit