Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

25a5ef4ca2...18.exe

windows7-x64

3

25a5ef4ca2...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DESKTOP/Internat Exp1orer.lnk

  • Size

    1KB

  • MD5

    9ffaab5f197ee38cf1fe65e19d4bb217

  • SHA1

    39ee57d785cb31b75fe79879ab5dfed14eb1a28e

  • SHA256

    6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

  • SHA512

    eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$DESKTOP\Internat Exp1orer.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1936
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.113w.com/?waga
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2736
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2760

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd512b98e31058935aebfc43246ab6dd

    SHA1

    c3f66cee24dbf74e1dfa4230c48bae18b4879803

    SHA256

    7ae33b513e4c74f4232fc34cd62fa4413ae4ce54b032ccd528a0478262e90df2

    SHA512

    6c9d6c32a62ff48add91dca55340dd7024551bc80da6b5248fdcd251d215721be6f85c0fe13c4accda4c16afc7cdfc5f9febb150b08f15c5b1fea0d94c9349b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74ae768dfc3c9744850b86757cc0e240

    SHA1

    4bf35ebb8e24ac7ae3d7834e2af949f9d267bcd3

    SHA256

    55a1f3245712e280cd9373893c5ab812ebabfd56f080203737be15ae4a5869d8

    SHA512

    0fae5217199e19521312a6fa888c64d9118c8a7e7de9a52ff14e227bc6bdd24b3be06cce68e3906f94fb37b100a7c44e68e42522c44d8ff76c47979fde95edea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f85cd95490ca3cebc7f190d651f79b81

    SHA1

    fcc92d10914fb8fe66c2795d30270e4857d2deeb

    SHA256

    1b2410b2f611149c9dc1e85f5e9f13681210425850582d85b5605b3f27d51a1b

    SHA512

    0385d3fbff34d0a5be3023d61a0655edf4883a2544d9ac456081ffde19de60550de13630f875cb100bfb73d5c5a30a16b42d2951cd4537ce7c397f2472b12ee8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    548a48d2af2f2a7a7ef003d098260000

    SHA1

    1c352790643eb2d5d23ee9823ce515f36888818e

    SHA256

    2d792adbb6f3f475346cc0b25cdf31b7cba43e276381b2326d2219c02c2be1a8

    SHA512

    27b4c3b139dded714d5254fe55e4661c73d8f13002fbf26f72dbd21945e65fcc894a8faed35f501d3a33cc692e8bc19ea78a6735b4caccb08d4ed3a6517631ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5681055bac47560c48feec64cedf7e5e

    SHA1

    4f46484f84532f032f0f5e9fd69f54d18a1f9c73

    SHA256

    9c8998f96c76852eb0c5d5d6ba69957f69c232c213eea0cbce523edafd54fd66

    SHA512

    a7ead377c7e6d54caa93e7f881ea58b5718ee525e99d7f4348de365c3d1a21d0e348f05ba181361d03a04af416b407c63d9e519702fe964ed3acfd5a5b55a4a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15fb536acbe0910b19f55046d5d2a0e6

    SHA1

    10c16ae72355b573718a0afa8e029b2a911ced80

    SHA256

    166e51fef6822304ca15edbfac9111c492f9eb7bb021c4d048e095dd29108881

    SHA512

    7f729823e8041ffddcddf168b8716931b70d60d7cd955791843ed148a06e65da467f56ca52bd31c1873155b9f980fc8be568a6c5c8b0ee9793f220c192dae70e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24b2f8bd437fd5871fbde11c5d4f410e

    SHA1

    bdf08071d252b28af2c7c2ccc05036108d210d1b

    SHA256

    fa76c00367eb2ca5b66b9f0cba73c76479f7d90cb884187502ca9443fae017b8

    SHA512

    ac0c25319a64792b8127ebac30bddadd190accb93cb30fdb203036f2c595702717e79843518d43b4dc09b0ce8cc12161abc16e39a9159f55de31fc5f92c83670

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    094e0a56552d5d77341a87f0af960a93

    SHA1

    f05c7b353f96ed23e662eaa7c048381d4b2610e4

    SHA256

    e520fa477b1c5b7d4bd599c423bb3ea3816ad67d92deefccdd1bde71b8f0c4c0

    SHA512

    0e56aa0007839b264abdf5f2ab802738c10ed024f5ebe5b7231ea96f4177b61405eb1c3e1b3bf05716b3db80d6fa0a0c97b513e8cafec02d40373ee9b9fe2055

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f4c3cd4895c097a3e0789a00f7161a9

    SHA1

    909cbf4b03796f3374a88c3e6b1827e116f08e34

    SHA256

    684156fd7e906610494f1ac00fac5f9ce6d98cd71b0e1e4c5809022069fee3c7

    SHA512

    cd334226f19757ead7de6831418513457cf3eb0aea6fe67fe8a7bd6797171b39cce6484bcf4b2599dc478ad5efb4a905ed0181da35178058c85c9b45b46ffdc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f885a15f158f5fd9c86b01850fd0abc

    SHA1

    b5eea8f8967ccc111c9ce58ccc43080655a9ac2e

    SHA256

    7398b5d45dd38312faa4ea7eb415c3bc080a050c23f60e984d64ef0b18e8f474

    SHA512

    e4430f0fa0757d32cd6feb56ba93471802c04709c1234083bdb14278c7903a819761e5317c49fbe06cc837fbffba4ddb698f4a922b02f8373a6c992a91043d5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66c42d2c29448e65eb827869dfcff3a6

    SHA1

    64136eea8426e1a77c92a7c73a20de10125b9a4f

    SHA256

    e39e4044703d555dfdd208c0f2d57a54afd7ad118b5e800e063584795af4a990

    SHA512

    eeffc7e887c1fbe6a92e434efaf421a556d64afc964caae2292f870dc7781274e14ef01f81b3e82fd4f17d2c6eaf411b4b43b273832206b4d2e4a30f1e68483d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3FB2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3FE4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit