Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

485fd9e0fa...18.exe

windows7-x64

7

485fd9e0fa...18.exe

windows10-2004-x64

7

$PLUGINSDI...IE.exe

windows7-x64

7

$PLUGINSDI...IE.exe

windows10-2004-x64

7

menu_en.htm

windows7-x64

1

menu_en.htm

windows10-2004-x64

1

menu_ru.htm

windows7-x64

1

menu_ru.htm

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

wit4ie.dll

windows7-x64

6

wit4ie.dll

windows10-2004-x64

6

witapi.js

windows7-x64

3

witapi.js

windows10-2004-x64

3

witmain.js

windows7-x64

3

witmain.js

windows10-2004-x64

3

$PLUGINSDI...s.html

windows7-x64

1

$PLUGINSDI...s.html

windows10-2004-x64

1

$PLUGINSDI...n.html

windows7-x64

1

$PLUGINSDI...n.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    menu_en.htm

  • Size

    16KB

  • MD5

    9b3f1fadefb4823f9ff7d4e95235cc12

  • SHA1

    35d62346a8529c464b340a541edc29e1d3c72f8e

  • SHA256

    85dda9f138c28df9392439c7f2535cd263ac751ca016e0e302ce1c92040ca5e0

  • SHA512

    8e74494cf77bd1818190c4f91aa8afefbb185c4b7cdbe77ec7fd4d49b5296ec5a50097d34b0e731e5374f55a4a5c5235661b1f9e54609cb8058a7cfa0f7f4517

  • SSDEEP

    192:4qGVd+MXRWKvrKJp/5nqpoqFy+XeBPDyt2Jo/OrlX6F3idUI2ATCs:4ZVd+SRBSuU62Jo/OrlX6F3yUIlTCs

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\menu_en.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2092 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1780

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe0d87b44d952ae0fdc5778417dfc7ff

    SHA1

    2e6f66f0389c52585306112975967c57c278427b

    SHA256

    3398d39c197990c0bcc5d33619c3b5163eabd334e60747afcff1c40d9e2be945

    SHA512

    5f58208045d3ed9d94720f62435ff5fe0e90f2a03e072fe7fd6cb4da5e1fe586cea4b1e4544c0b4ff94bf3bc4444bd5854f6a8e8ee27c8fd73c867fda75b0af8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a4ea75d26f9d3cbfb60ee0f3fdbcf80

    SHA1

    31db622bc044a46abc79513d10d91c1889e03910

    SHA256

    1cf58904db404f10737e7cd6608b137afab43d874ab8cdd5a2119a5778647078

    SHA512

    886235dcc29463a99ae1d86bf73adbfe5448851a167feab3a4a4d9fed404f7c4bf472b5fb52103d3667539a1bfef5f22513b4dd6f4aaaa03a015356f903c8205

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5589702daae4b4a9f89e4c8b2df9e7ff

    SHA1

    3ab9d2b23075578c576b6f3c7889e4c5ed679b94

    SHA256

    3a01333f14e4e8b938fdd7db9ff03216e4d05fd91b27a322f218a85953d1c763

    SHA512

    130d156de272b2facf6d11b980542f8d4d7ac9fe192a8eaab2a301ba19dda286afc602af4dbe65944db052b602bbab6890747594685ab52770f829052074c390

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5edac0ef6d2eb2be79ed741b75ba6cf7

    SHA1

    272416256dd6382fa8a7ce5e05a74c296dfc49a3

    SHA256

    4e253e309e0923e83420e58b641feb44005061883d1ebf6bc9f93e4bc2b032c3

    SHA512

    183b5da712ba76ae656ec45196d2bfa38f156d4fafa8d767d8a38c29ccc678d647f7a18de4beebe133fcf302ce32a8d83327cf738831e3bcfd5211a39685d372

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a055df44bfab13f885d3843a751fc231

    SHA1

    212fdc8e0d70492950b67c204b8d12d0aa5c84f0

    SHA256

    15602365c98f202d813f8ddee15eabc786ad8e41636d53c0f1239b0c4fb6665b

    SHA512

    1868719497a84002410c846b9fcf60b6b89ab73daeb8365de876f0b0dc9262a53946f21229059ca9d77135c1da2b4dd54a1c32976030429c8262d2053a6d14e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7f4e561459bfde62bcda5acd49458c8

    SHA1

    d332dbdc85d9802a9958a2e479eb1b0208840f38

    SHA256

    50b4ea35b42d536db528723d744e89840ee5be4928a4d5220a5d5e855ac707d9

    SHA512

    ca5def017705ec48065e83a8da233658f792019f747b54ce51140826d11160b9bd5b3d7a0d08bfb0b08974ceffa2fb6aab0b46d850874f1ff77305ed78aab90c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ba95fa74a37809146f28553b052ed29

    SHA1

    776b6837de00492ff7f9ebacb81de235b34406fa

    SHA256

    1b623aa28b89fd7c9fe513c156bea1af4716407b1ac8585858052b481e352b94

    SHA512

    a40c6afd415b3205093a56d305834dd6ec104017cea87ca9d50b390fb5508fe83b99ec0fc17e78802440737d28a41eace575e44514181e58ed8e774f1e5dc83f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62d4d877bfcb8c1ffdd1293842b55fd0

    SHA1

    28cdd061fffaf43d0c47d242fc5eaaf610e38688

    SHA256

    ddabfd3ed48acf26168a1a0c93f91b215cbf41b29e25e9f2b157ee4a2752eaa6

    SHA512

    2c115be76043dca7c9194f8078187d74a9e811d6a5566a0b4145ac7d059d66fb347b7c5af1f7ea49a65c839ddbc95134b1566f68457df749baebf2fa08e893d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0590c21b5ef61387434ba8bf3aac6dda

    SHA1

    0c89fe5388da14e293f26ca745084f721ec09ca6

    SHA256

    61979ac503bc6d1ca0c4b3b6d741d62dde9860f086eeb3870fe0deb2b914e51f

    SHA512

    ef402f754e309df94067d05987bc19ab25b112f31c15882d79287d0252b0cd58999fbc6f00b6fe470ea2921a4bab027f598e02fab19f99e3ef16d987b887b9ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    714c9e280bb7d60d724daf4816103468

    SHA1

    1421266e3545ea720fab7ce5a89265e044c38aae

    SHA256

    7f1e5b6c9c84ab88d3b8d392f4236c9888a67c82f84c35b16d775af863d190c3

    SHA512

    e2380def66ec1a0d818f2b8630fd34becbdfc82dd9ad3f278ac2eb91d7b559c08bdf0d5d2d93a646d1a312a2b0d89457889fded62ce3f4b6a815dad3a82ca9cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07a991024ba129d2a5bba1ff864ba338

    SHA1

    e9a0adc2a0c3248d227e0dd5cd873a9895db5997

    SHA256

    bf1a30f9bc685f9547d91165e3f8514d0b4155898e1b01e714434278c27819b4

    SHA512

    6364d58c02893a61855ab78ef314cd355f4e9c94be5a62bae90c02ccaf75b7129eabf3910c2c07d5fe9483f34cefbc5e63f0ab48696d4396a3632cda945baffa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    581d924c39e4f72c58f72a26de28db17

    SHA1

    33321955c21a8906c1fa06a8646a5c4080ba1d49

    SHA256

    7ac35fe7f9cf4732cbe4c1f65d205b8e843b68cb9d5e6c715a489f4df400d15a

    SHA512

    c0ace700e8774cc0aa7cd6902753578f0ad90431f8edbb3a716d9bd64cc13627d3c5e81706710af32bcd0d8ceadb65730803adedf2e9b31e81ff6f9438ec9928

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1695dad610ccc6faa956f0c698faac70

    SHA1

    2f55befd235dc4ed436f9aa87ea6824704967ab3

    SHA256

    df9c9d02985068b9151ef69f05d201ad711370dc76b7e8f7bfb35603869e90bd

    SHA512

    38532850cb239c529c535be7b5ef2e459eb34222e47219192642a1dd87f4de4ef8065e315086bca22cc96a0fbd91e32be0435f103b11acacca37fcaf23e6378b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bdbd6b1fd6ea17bf22c425d574c3180

    SHA1

    0f191e1b9d797dc6a121252028d98e50c9e969b0

    SHA256

    4c84ce5e0ee81736c5c7a9b00657b03b09b1df86e536222ea4b72c36b0a037f0

    SHA512

    ec36c9b236586dcd190072a99d13feb0ae2f11853f71e2d9cee945909f721ee2051b408ae115f78da7ee79a20949beaf4d602fce58a8f2e0b85adc6e1a61c986

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d568f3175c7c3e25eb8d8ef91ae18ba

    SHA1

    07610157873459a3756bdff5c1b7ab245057fd25

    SHA256

    1daf5996fb87dead66f313241be5dc9857e7292b4f491c45531fe221224709fa

    SHA512

    ca887bce3ca30d9586d5210b19f7cbd00998cb3701c93aa99bea20001accac3e1b408c5d0705924d894691882e267467372ce48bc7e1d2b9fa81117c6b9c70b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53adda7b325c0979c43d2c07a5250706

    SHA1

    fc5762d601891e452256964a2ac75ee9e43c1391

    SHA256

    33e5af29d678f6aa57651db3e4ecb58a87c60245c20e39f8c4504a77e2fd90ae

    SHA512

    ec7d8179f95cad2590aca047e19877326880f29cce5dbbfd6226cfe8ac4c26c70640a701cbffde33c81c1b414e6beab2e065e06af3c205a8d0cc5e7ff1a194a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fd24d52ddc8e0fd4062782d7ba57eea

    SHA1

    c6d0c476fdcd2adcf821641a2826fd8067dfad88

    SHA256

    1b8fdc05ddc473258587c4e88e633ff2502c281cc9166e3f69dcc73173d8adfd

    SHA512

    b19255183bb68aebd8cd8bdc7b073235b08e78efef7c37a30284dc097c28b1aed9a1bfb0e5471da35bef28dc1c88c89f2a51642d3bdd4d704d8a4aa726896d3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4962fd92d65d9dbf7ef219b4c517eed1

    SHA1

    d467b53925256226915fe9cb5bb14bed2d80775e

    SHA256

    97ad1497ca10b6b46e05bfe5d5555da54376049003d6561595095a9f78f33e13

    SHA512

    7b9f377a4a819acb8663d0ba69107b0a03d7f7c4965435e2f4ec4399f2b41fbe172e819d1706bf5ebc812f34e4a78d2b3a2ec51ce42b55afe0da1283fea18c17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c277ca95efe8fa2d7e91d483f832582

    SHA1

    6adc852b1f87a496553b1fba4e34399bbd1dd840

    SHA256

    e4b955482a015cea5930ec33c80c96d93f03c02472d16a2ab4d856ea967f4d2f

    SHA512

    68e6af55e697b1b2d3845c78be4f9ad0a296def89e856de311c200aa2177a7d89b6378138e07dd592067135b67a637682dc0ea99659d570eeb3122aa361f1d4a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC88F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC92F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit