Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

25a5ef4ca2...18.exe

windows7-x64

3

25a5ef4ca2...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $FAVORITES/Ա.lnk

  • Size

    1KB

  • MD5

    62d588bdb74e4e2e5d1689fa9272ce39

  • SHA1

    9d0db515d8f65e57353381d707060f7343a74da7

  • SHA256

    248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

  • SHA512

    cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$FAVORITES\Ա.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.mai520.com/?taobao
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1740
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2544

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4570ebfd544bd4588a66c7d114947ccf

    SHA1

    c5508a5222cf649f24cf52601f3a0826225a4e2d

    SHA256

    60ae89116c1423bc5dc73c830283ae45933bdd8d02f91eda5c8c3caec4282a76

    SHA512

    d27332dc1bb04e7eabe5d52f6e17d3f082fbc2db3fbf9264dd0bc9a00e0677945b66d01978c1a5ce3d7932d163bdfeac4355655f2643f2bf76d1ae14618a1943

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cf6a7cca712e98ad50e00841066c440

    SHA1

    c6e62f154990df2596392673bb791c0a5e566aea

    SHA256

    637ac9cb0e4bfc40094fd28e89c46a21cc616108395eb1dabe0bc76ce4f3130d

    SHA512

    ddccd317a723fd95e7c1af4b3177e3094f401d43f77ae2f8cc23b0871f3d60156006bfe0c8c5b42daa38a8200455a7106693453246548a4c7a892c108e33b5db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a22dd678c5d3726e17240d87fc37097

    SHA1

    9805cf511a9a5af68dffbb382037cbc4043cac4d

    SHA256

    bcc76f1f6a013ef4b04c71060517fcacc24327d35f02e571fe2b314f56acad8f

    SHA512

    014c52c9de1d38e77285c5d6ea1c97131e8cbb3bdb05a955afc4257a98c02fc5fd6bbd75aa4076334c49e6ba863cc94c94f3c77a1a0428165f689c2fddec0041

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65ece4627098962a49b6f9707c480974

    SHA1

    b4fb488c5eed86121d5502de3dbdca0c5bb46718

    SHA256

    fd96e5447f4336e28b360e2050b934b50027e68c383fad3069614871e9ca6115

    SHA512

    20531b3c499be935be90bc10737a2dd4b9145238a4551817247ae020557b7c97ae73a4dc97766716e3383e278e5c3082a9237eb5220e3a14ea7370b655c54809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    086427c58d77e65df269a63decd55935

    SHA1

    189b5a97fcfc44efeddd60f9ad342b19ae1bd11a

    SHA256

    86dc7c68df6580f7a3643bea9e488a4aa27c19a485955ab0ad8bc2d6ffe5d9ab

    SHA512

    b089f453a3b7e02d0b389404fe7f28bb6f43bdbd0baa1bb5ae1415ccdacf2041d98594c7a2a9d5ed72484e333234ec4c3b89ee26b04c88c011c3d4fde1752819

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d43a7f33e8f78451603a352b4a69142c

    SHA1

    cee207eae628c8bffe207ce8fa759d9186356b22

    SHA256

    2800127696114d234b406a494c96fbb630e948d84908577b495dff9a551c921c

    SHA512

    edf497018aaa7eb75e64510cecd6308056ccea2dd23f31068b91ad2d52f2ee0136d5416733734a90917824fe0c7341f44127387db168056f9a0084e2cc529ebd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2438f034e1857b4bd97036a2a911fadf

    SHA1

    92a23dff35bed44e0f3ae4404c016d9a0b17b732

    SHA256

    39ea4585b264f1d34916ad2c6b8a569abd49c1e4a55e783854585618e80f129e

    SHA512

    8c846d4f43f5ebf529ee9daabf458c03ffc4fffbbe5d301345fc62ba27bf34ded739a66913769beb54c8d323e270dc94a423738557a912fef36e5fccda479ace

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5153df67ab9e7651c00d6fae37c83e83

    SHA1

    8e652e459b95eb452c0c50d72e3a236c63f4af96

    SHA256

    3c02a7a02bd9ebbe7bcd174f542aea8b8387cf13ac18efebbda81a1916653898

    SHA512

    6d930cc43fe1d1e573f7ff16cc3734ebba1a7185a942d629910c76c98737bb2d2f4858b65f4ec3ed128576292a899443224fc2e82bcf94566a9b8d26012d95a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44d09af7b75d3a4b81a1574cf721c77f

    SHA1

    62f7a42ea3eaae2095da6a10b7dca6570de3b6c3

    SHA256

    30528c7ccc0d9a2a7416342fbab5d0e7929f62e152e441ee529f1992c2ce6359

    SHA512

    79684a136cba6782d01ef12566b8c0d84fcbe5c99d6eb797fb0d7a85c97a7314a9be57a4bed676268be05aa0ed07908d3555f07676410a13be09c7e032b57346

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    814b61faeb85bef5e66f63398020d95e

    SHA1

    013e479cfe2d13c4d1392b5ca25f133deed953a9

    SHA256

    8c0a4de85302a907de4b2e05ca8f60e238969c186d414d26465e4f2e89452d80

    SHA512

    42002ad5c671a923091bab6d9b53479acd534d892ebb182f8ed0d96596655965cff8491726d8574d1b0d30b26063741ccc7455bc1d5b6f73d3a8edaf477e188b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90437b1c4ed8d8e79bd90cff65b33296

    SHA1

    f1ca38ee89451cdf1cc0e18c70be581d87bcb411

    SHA256

    cb1b966932cfb5a71611e57a76c0a2e8e2b8b32888a44f8edd263da2d5623da0

    SHA512

    a5642481db38c36fd3a2d4bf447e675af0297d74a7398a9b2adb33beba2dbd3b9b2240ebc78abfb47ada03eddf0ebab11c0f3e82c1456039f6805eeb6424a07c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbb153a7555e4a03373acadad0d4deae

    SHA1

    c174d74e7e45164f459c7f535272b95cd551a708

    SHA256

    cb79f27a1d0acf385cf4a2138e3c88c89f7ad93d069d430a10bc44cf7a17ac49

    SHA512

    df9d9bd07cef6f96227a61c6ab9d82d50e3da72253591eaaed50ae550b87445e537e88fb1713a3cc1e018b31d6927f1abdb315020d618bbc56d21f7167b20b2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c8c724153fbedc18e49f7f495a4b01c

    SHA1

    9066bbe2a0db2a8d358f299bce0e5985f53095ce

    SHA256

    1013d0a2b112a0f44d5073291c8337215b93fa4bad30f5d108aeec779fdf14bd

    SHA512

    adc62e28cd323bc0a886da8725d2d4fec810b09df63f48c7201be35da84ba49e24e2d01711bc0ddcf3fa4fcaa720f67b4fb0dd6112866985c84703d5b13d22df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55c17d5bb56cfb0f7dd4ddde1af06d25

    SHA1

    909aba48be180119d4cf225b3cc1ae9292804b9b

    SHA256

    51fe337bb83661810c7f44dee56f2ae8cb76d39dd6820de7dd6ca5f790407967

    SHA512

    d1afe8664dbdf2711cddf7117d1db6d3275ae758a714d3a45892e7d1c7d5e7d309716b3d7c85de953049f7e36e2f37010f0b78a7a3b270df84a844fbe7684260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd6d4180fb19460cf2cb3e5dc3a02f24

    SHA1

    717a0e4b16940ef28610cc25f8f504e8ddee6473

    SHA256

    c97409386cb282e126f30a0ed7591df2a2689587bf16572a9deb146cd99b39dc

    SHA512

    20f73060812492179e6f4994cc271a83498d4b073fd643bd62a2235d0206e7f0a95cb980a814d4f8970888c0246c051b178fbff97bff6c29a67fcbc44a52de81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    043667cbca352972676f1d8191d7b517

    SHA1

    abdbc087ba3033c3f8bb81e4863e796363287cee

    SHA256

    03ebb1d68e5569ad64efec3e7d347223d05cc6c7945192340fcc016e9f1f03fb

    SHA512

    bb60289481554d0814dfe34db4da75599688f6749ec50aaccd4f1425dab07fbca3a9d1cef05d2eb37ba627c84bf26ab84129ec07696cabdeb5f73ed4a36ee12a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f88d51aafbd44939308951a0597e930

    SHA1

    05e8bed24ac97d0e7a5f6d95b1b79fdcc44d6167

    SHA256

    fc3c5840bda4d3056e33bbb0214462e5918c03a697e3f0019541c902a3474e6b

    SHA512

    1d70590125b37607cb5946e01eda8f70bc35466d20c7ad6207aa408c4b9fea349f93d5100e291f04fb710a5dd154c62dae6c02bd8aa4ad21dac98fc5b383ddd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74ef037814453dc099e8211ac906901f

    SHA1

    3d99fd69c32cb12d4a2b298cfe6aa684b7dd9497

    SHA256

    b5ea720bb28a228c8af0dee533be888305d07c21472c2c6d91f115e1c8303a40

    SHA512

    30143e94f9e3855f9f825ea83b37367eccbe35abe4f0562844269d9058925cc07f38d99ddafc1322a27f51eb39d1bc8b8991d9a01d4bb22955caf50c6ccda8ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f98b17c15b17533adafec96598d915a

    SHA1

    e863dc50b8c55e803aa8efd667fcb0811e3137c3

    SHA256

    61b0f150a44aa0c56336d9a5a3493cb9946b3b407d72ebe4e6b1a92317af0cda

    SHA512

    002a9b210b5660eca758668f66dce73a67d322678cbc733f2282ab613062a5f7fa5123ea3f0edec54c4fec732989bf7e6e349aff74a254e972394b4b1032d7da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBFBA.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC05D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit