Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

25a5ef4ca2...18.exe

windows7-x64

3

25a5ef4ca2...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/Internat Exp1orer.lnk

  • Size

    1KB

  • MD5

    9ffaab5f197ee38cf1fe65e19d4bb217

  • SHA1

    39ee57d785cb31b75fe79879ab5dfed14eb1a28e

  • SHA256

    6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

  • SHA512

    eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$APPDATA\Internat Exp1orer.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1680
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.113w.com/?waga
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2488
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca5c660cdcc903d6665177e8253c1643

    SHA1

    c71e97649ea1837361bfa1204e97512077428749

    SHA256

    9549fbd1148985b3668b5d32e31721f7917b59c01330a435cd489ef5f003e292

    SHA512

    2ca926af8fbac9b8fadca8ed4d3ad108e5b446ffe1a5db61af0db8cb59bbb220ecb2fa8a8ed7f953a17e5d360e55d13b8e2e9ce59b0cf9c43c4b2929822d77b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    092472fb27e2a163d6419a707ab8a3bc

    SHA1

    50a2d0c2ce463088f3c9b55c0d3fe783c196063b

    SHA256

    38d9278ef520d98cfe43265b2d452a655f82415986551b2d9ca3f3dbe594f699

    SHA512

    dc3c9908c4d978aebde01513a03a0c76e2e7a6425a97303aa323d1dddee0aea27138a6b552c0d1da248644b1a480922c0d933962e266a7a951978325cb92b1b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03659382b49c6aa9c9a2f21b40d1c17f

    SHA1

    e25dadc4afdc91d0f8fc83330db050058e44750a

    SHA256

    d2f870c68660c4bb8ee4c866573675ed6a52c5f1f92d8b0c3556f4e1b87a08b7

    SHA512

    465bc2c168b43a9182030f6ecdf11177dccaf3c6f4430d19ecb4fad992a92ab64966e68e890ef7bcae84f9870c03d798efa7b469c2052228960eaf521ec019ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63c47688b681509ba063cd7ad6c0407d

    SHA1

    208499c7953cccec5b20bd8954d9c4614e36fba5

    SHA256

    59ed47fef0dd2b02ea03a1bb941eb3d743146e03efdb66bc064fd895ca2f576f

    SHA512

    d0ade3e5504ab4dcec55914c16ce6a3f70a3ceb658b722d12c85c79b4d736f0837821c9da7eb8d927b5f1b068a25a78d56bb4e8d18aa03c1e3f3e0bf9f6fd60e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    956f10cc2c98d4b98c3477c9951af29a

    SHA1

    fc340993f41860100914acf27ce3a18b9ec95ddd

    SHA256

    f819c45140b6273c294c427ed11dd364d347c4aa391929bc884d40a04f76dc24

    SHA512

    97d282dd9c4c73ff915ac47d6326eecac393659717d919b19b35548622b575682699ecd66b233387a4e081b607ed51e800d1826ef1429a86e66b0833eed5e949

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b00390227c9c4f060f02acf47b80b94

    SHA1

    42ae7bf038488ad9721a96093723aa95c9342ac8

    SHA256

    94f1da1b27010c80740b43ab7f94c3f7b9ef94d6c4f25592580c3bd0c7feae09

    SHA512

    6c4163705bd4d11ad497d57a21142e04572bdceb899fe512b43cad14a53fedd66117ebc32c501472dc61b4af948bc49619fe390a7f59fe830e572caa755e3a32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c061b0ae2caaf4536239c0865b7cde90

    SHA1

    5ce13acca75ce53757edf999896362d131aeb501

    SHA256

    8135a3d310a92aa22e544ac697a318b75c02d437afe1f5150693a180da6a487c

    SHA512

    bc4e61d812151801383746a87e116267bbce1faa3abd89bd4f927c90057d1e189a1707b79bc81dab4b6993b248b6dde964acc2bd16132d6a57828d995a130ce4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1772409ca2843f7a2e07b05f848cebde

    SHA1

    7605eb478fdea9ee3ac4dd0c9a2a2c86520be9bf

    SHA256

    8102cf053f9d40dd35c40f7751617b4d1f3c58f05db4e0c532c1322778aa9be9

    SHA512

    fc4892b029e53827b7bd800c61940678e65ec43a98a28a6c1e34b39f4493946b6242bbd91a1d695111839b965c30ae8b45f4178a6d2152ebce35d4864f12b469

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40b7fdc6b65ded2319c17a7cd63e7b04

    SHA1

    6e353165f327fa1bc4b46b5e40f769c194fb851b

    SHA256

    7b11d5b451e2aa661e3c756372f73a602bbf08fff0f2da9987a8bef5721c7c2c

    SHA512

    2dff150493289476ab1b16e87e8eae43175eb758965a802e1ecaf082360b59d00b9449f8c608e13d6d3bc1e4f761699fbe3e90f2f8d39bcf4eb8785d453e8b40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08f1e2c2e22ad148f7a71ab75c9f6d3c

    SHA1

    dc18adc1f97d6568f58a15d92339f0bb2192e33a

    SHA256

    62f0adecca38fd55ef4fc04576d94076445cc170f05c5592f803755f93bea003

    SHA512

    2728a64cd074b5ca9e762fb07537de67515334e221c19e5e5fa3dfc824e2a09d6f1cd552ab65eda1c405cdfee6a854f1026ae5908fb11fb38dbacfe35e12c709

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c3c1e86f267d23507c6315648696ce8

    SHA1

    eda03160ca714694e3115b82d2bad013caf2c6eb

    SHA256

    4206dcdd784c247023a76977c9b93b20a6d5a897b1c268d10b56387f8781b3f3

    SHA512

    09b42a81940e9e793cfe62d3a45522f4cfef839e6a22be08f32d21e4d062eecc4ac1b16e76f9c3d164fcefe5d87305c0b697938ca4dd31409a328e39b7a35a65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23e5e304d9f8f47b77de6d59bf65ad08

    SHA1

    8de82a3da5d730844e9f3ff01e3a0a8e14c567ce

    SHA256

    e04c29d811bd98b87a4c51c520c79e90076f8276ddd688a9668b5535ab1569ed

    SHA512

    bb33d7704c247945781f5cf686436da690e5807f7260ca9d1ab7ddf92d75d7022e8e456ed36f839517d6032171f29052427a4a0d1ecdde9dc126b77eecc9790e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e356c9183761d333d92ac61b9414ee89

    SHA1

    013a82a96d3d832f325962ca6838bc4ebc39f362

    SHA256

    a316c14d32fc67c126b1fb754d8ca48be937aed87d652f26bc1ed1c5de954301

    SHA512

    8702b3303461fc6911741c930cd13d0d2bf6963840f98a8d2487a9931a59d2b674936ee30c695f854244bc0a235b955acbe9b9b9ee78284540965c6f5e9f19e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2c039daa5cbf57bf823c74b66395459

    SHA1

    dee7e0a880e237347966b8af1960dea11c805c27

    SHA256

    9a00f33c84014151c9f30a9f9fa97f2aa36664fc8685d101c9009e3c13b71f3d

    SHA512

    672b4e495a3a6e5ec63c45647ab463378744dcf7c82383e2ffb3d538c09819b0fd7ac715be5144677c4a087c9c0d30586f304c0a064f77847f730b3c64e492da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e46ca1f0f452b12e97075f8f31836d05

    SHA1

    82d69ebfb7e1950cadb42bb604a7db85d0b522f2

    SHA256

    599aa090e871e184320f351161517db21b5bf698797b2804466a5217fa857409

    SHA512

    27ce987d32cc711611b1b26275eea7e31090a0a90321ef457e8f1fb17d3e58c0e9f908596c36be70bfb07b1bc412e83142e29621c2f86116870446405d42a52c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b170fae36f5cd952568ef87b54ab4b2

    SHA1

    fc04ac792d50fb11b5e31cd88d69a1a658eabc5f

    SHA256

    20aa99d301b12d0728b896da20583be86a0a7a2b5a480fb485daeb3c3465ce56

    SHA512

    13f41e5f7bac537ff9c4ee7d1a6f8d808eaf587fcbdbbe6c529cb4dcaebb3ed30850d3978293fb4a34137a3349fe4bd606a8150df9b5041431903eb4cb2b5804

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    681731d0503ade735cf47db447b2b6fb

    SHA1

    07caa28365caa224033def8438021ea509171411

    SHA256

    b68adb6bf6d843d89d5129c8585134813b03f0b7c3bc20f0f694e5beba60a8e0

    SHA512

    bcf5e5e5e660804cfa7c23cc4e481742cc1beb64121a124bfcd507d32301d0094370c223e53e3f8f200916c1f8c3e4f9d2a19b90a09617b908749bb94b0ffc1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbb5aa40cfb4c89922864d03c0ec81ad

    SHA1

    4e228da41ff6ad4e5b6ac4d321796a76d4eebb4d

    SHA256

    8c8ae266275a7db01f7a30464701a9fc4a5a42ea45a76a8a598516500b9e2dde

    SHA512

    4bb667b3ec6e068d49105f237238f5246dbeef9ed15079e75ed1dee1330045a94cfbf1e863651fed68b7c283226c9e4559596f7d943d285f290b14a9897de483

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f36702d48c03a7e08f61f4de529676d

    SHA1

    2d44057444f7dc5b0ffebed6b2aa08e86354e756

    SHA256

    baebada953941cf493ef6ad511f70400b729f446dc599412cc2387f41db2ed1c

    SHA512

    cba2cb203d2d8d7a22e365d6fc47e863454981f78e291c6d1e6a14f7e3e6c86f57a34d55eae22662fe702bb66a0ba4cb01070250313e5bfcfba116f2fc39f592

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3C58.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3CE6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3D0A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit