Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

25a5ef4ca2...18.exe

windows7-x64

3

25a5ef4ca2...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $STARTMENU/Ա.lnk

  • Size

    1KB

  • MD5

    62d588bdb74e4e2e5d1689fa9272ce39

  • SHA1

    9d0db515d8f65e57353381d707060f7343a74da7

  • SHA256

    248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

  • SHA512

    cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$STARTMENU\Ա.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.mai520.com/?taobao
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2780
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee158650841eb14e6d56df4291607a0f

    SHA1

    37a374b8843a24e78fc92405da8de5d3fd59e8d7

    SHA256

    8e87b27f1d6a474349a9a67d55e5c77fe4056b7dd4a874383450cda01c4b230a

    SHA512

    f85ce721b386b7cae570888965496d12e47fd62a32f6314ddbf6a9658826e8b572f37eb0ca5d97b328e0a31b672348d7e62a1dd1d898d73461a3682b5896bb2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ced406511d19cbf20acf3bf6ade5fcb3

    SHA1

    2d8365203bee7f6405557ba5ffc25fac0bb69a97

    SHA256

    2cc87f71905de24710c95df8aaea73d4387da299d002f9d1f630bae58ca493a8

    SHA512

    a8990e5b004f68d7c0443febcee72e6f04287baa78f8b020b3fadb9359417915b0d04ee4ed2f9e5288be59b42c382484d54dd37d41fc9aa94ec40750266e50fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    858e22e207d066dd4f93b1176acab5c9

    SHA1

    68ee1d9afda75b29d979bda95ae3a34e18eb812b

    SHA256

    06bbb00198ea81e09f3620dfe4fb713de6c7ac4bb3f9352fe809715c77961865

    SHA512

    a17e324fcb8a5b99e21b1c3d93ed565a85c01734a56ea992cb69bdca81ab30005232ec4040658e1653139400d11bcfe1383b8979c71a711f68cb53692ab67d04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89ef5a590ec2429be4ee46b516c429be

    SHA1

    0c6d59801d69b09f96e16bf30ed99dbf2ed9b289

    SHA256

    5aa7466705a0f63d5d32ea718409149b3df4251071f0fdf4870d49e134fefbdd

    SHA512

    d58ea05c2321d544d69215bff270f52310bcdf9e6a8600869a3dcc15412b783b68cd825a359160f036c8d989d921fc8f9571c6cfd20a191687a1bef98f971ce9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6aca07aa0ff0c1b70814343977edd11f

    SHA1

    363768732c5ef60a970aaaa50a90e27ffd6be4fc

    SHA256

    f3c0817cdee2aeae787bbd73024a80db12c57e807ebae7c774fa1cb3bca9cc6c

    SHA512

    4276c119362b2bdafa44ed1f4491c46a081d26301f3578e2faaba63aa9767a265db7f3272c2df54fc1427fc60c2c7ea2cfa5d08b7178a1706a6fb96b707254db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50cea421260ab140af4b79528521a7da

    SHA1

    51333e5f08f6c725846882a502ccbe3a87483c57

    SHA256

    7f3065312e4cdfa485e2c3a077cbff94a478a2b03576dc608d422b7c000351b3

    SHA512

    fe1c2e77c4629e579dd98b673f78ed8f417f7bda58ea84cfce9a7597c8ad20db819555d2c71bd24094d5644af837950421edea66992a287ffafc8e1f83fc7f61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    690f063f1a91d34324b79c79ea5f417a

    SHA1

    233856cd5b14fe51ecac0f8ac8e1061c792c246a

    SHA256

    e8e4ac180bba2f6ae6d9f2d511f8d81c78d1d0efe5c0397806c0d058dcd7519d

    SHA512

    8a789c45ab71a055995045b1cff559fc8d3eda6c85076a484ea0c2418bde89d33fc2f7fca2bd632bbf891cc38c41919865591fab03fcab5a84928aef799506ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efae2326da9b5577a63b3d4c7ee954a4

    SHA1

    592a69c9eeda1eeceed6792e198a061b8bc15657

    SHA256

    57e0e939ea49a09f08894baacb96f8969626f630188bc28e953125e8bbb8067f

    SHA512

    8f6a2154a6da735ca20ece6674b6d2e9d59eda38e96a131726b9b10ff93d1828809c192b27e4f345643b2f3197d65f3ec29b9ea098b2f140d7d73fbbc6c3bf68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3687c64722386d760e310ff90295473a

    SHA1

    925b924ae26824a803f0fbb24e4bae4db077eff9

    SHA256

    f5f2bfcbf4297973721af79330e76c4c8dee2f53763f1ed082b8200ba30df424

    SHA512

    c1108c86cc1c00f3a1cd6131e63d57d72df16812c53ad9478fbe503e5f9f61c8396f82904379d34f48a253e6fc3d7540c9f8e5e0b7b9c9d9d7440240d6af46cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77fc9a85412c881faf9143b6b2429fe2

    SHA1

    87c11a826a734a7015d59a5ec28d9dbfbe83d87d

    SHA256

    386e3c8aa64c191714203272bfac4841a30cd2781dad5c910dc6d9dbadb4710c

    SHA512

    7344a1c5c4ba13a52b29a43c88c90150309d563e6f3320ff8b7244d9b56abc90f92c6c5c0fce179040f20c6c4c430685ef10d8adbe0f1cb0137dcd73ffcc68c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7262340f9111b08f1039e27450b54ab4

    SHA1

    aa6503a778cddc35d8f39368f1420dc17e3c6cf9

    SHA256

    98e243b1d95092f202e3cc53064f5cbe5283f4dbfcee005073659c86444dd68f

    SHA512

    e66195da7a5e3e0472daba126966a6cdcf32e46609e3406fe3497b641297984337b51bfdeb088e712b9a92d883da757b69573bd51a76b5560f5b16809068a948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3820b9529b6f5c6adf7574c86a28785

    SHA1

    eb0cb789dad50776478a9115213c6131960b5adb

    SHA256

    c9a1ec5d29f339d71518f805908c092909b40649b327f9a2b9b221d70aa61add

    SHA512

    b28db318da9be27406c26d63385e44efbb772ac032691c609a0ed490be9568b4dcca0bae6c7a80cefcac8b6f5211959782d999528b15b620f76f688bb930a1b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed1c3c8d4f6e1f52f6e315e242c3bd86

    SHA1

    8988809a677a6ef3151fceb8c1df2cef6bc1884e

    SHA256

    ef0df6859b721d890476707be23cbbf50a51499d734e770201bca76b13ea6917

    SHA512

    5f60e72dd3d7ae0599af7346dba386ba1b7e89ceeba28124c67f28476ec406c003984ca1df081c3a596aa8aa168d04e3af2154f7fcf36784ae23a4763e212c7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22daf165cfaf951348466ac47d9df1a6

    SHA1

    1c18c7e51a086b2ca12b1718fa7244412e6c3e31

    SHA256

    3043470ca4b87f9a84bfac5e8263d14a6a81ec55d487daae8154f8c8f7660788

    SHA512

    341cabc6258f11543680631d57220f03d715acafce3cfcadbba676dad5565d1b94ce5360e6ec5664bd76aa413d05a9268b6bf94d4c5fc6d39546918bad3abb9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c3eeddc1b395fab94ab04967f9ed2d0

    SHA1

    d91a6f8730d76a7efdef3441b96b185ec859869d

    SHA256

    68f4239534c7cc9973e0900db778dfcde5fecb15b1921900c1ab114dc5d9f27c

    SHA512

    f191e0945c11ec9191c9563c4209001920379ee61b9a0b66f05addd758720323ca12dc4095cf35dc8cc53f8553a277bb8f645f2c82a4fcf4d882267874eb024b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5e6170f0025e8463f7d4f38222b8958

    SHA1

    3943840937b47ec2c4c6e7c6821f6942343f60a3

    SHA256

    dfea51eb29274fa5f8ddf00fe0672ee2a8c3ad54590dd8ea2b848fd2ea9a4a44

    SHA512

    a1f4099a1ac63b95cb3b7aa74e7c32d800fdf1859ce43e2a684cca552178c081710683d3844d8e76faffa8638b4564990b07ea52b7d3248fd74566d9ba395e0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d40ede959774587a3007caa6a968d3bb

    SHA1

    f6b3576c7b824cd7dc055c27101c501d75fefc90

    SHA256

    e0389bd011fb2e42de15eced4658d9938d3b2aac5e6afd308f6781f2c124e9b2

    SHA512

    9f71585e33ebb476d76ac38cbbc72c8c424e6581bf1a2e82d8116617791d86ee1e672381f146e31dacd90232198057bb4d1aa366c0f2df6e132be5b1bc7e3097

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c14ac62fc20f0ef2239e4b9fb8f656c3

    SHA1

    e009091947a1e14a2c422dd97c6a9ed13029613f

    SHA256

    548d923484aa7cda9add6721f71f75396789175b2c765c6e0dff60263c40cf56

    SHA512

    b8ca77dbe481ba2b7f4b1b5bdc6b1b92e2b10c8f2a592ebc94663be0c863b3bc1bbd186b9983c8ecd7722dc844c5f9984a12f227fc2788d12ca586f8f3734c7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bea4346e2dcc188b222d3755eae9a774

    SHA1

    7aec6bf92610ecba76751b2f14c7711709b5cddf

    SHA256

    acd2783aa44abdfdc86a5769448eeb53d839f3c4ce6952659c0077de249884ce

    SHA512

    f4a87158944a92ad112752ed7a2733b832ccd646ca2c2bdbe56cca1a04f64163e2d5dbbbd164882eb5bda632a9e34ace5e798970f46d607f6359ac0517c96f61

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD77C.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD821.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit