Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

URLScan

urlscan

1

http://whatismyipadd...

windows7-x64

6

http://whatismyipadd...

windows10-1703-x64

6

http://whatismyipadd...

windows10-2004-x64

6

http://whatismyipadd...

windows11-21h2-x64

6

http://whatismyipadd...

android-10-x64

6

http://whatismyipadd...

android-11-x64

6

http://whatismyipadd...

android-13-x64

6

http://whatismyipadd...

android-9-x86

6

http://whatismyipadd...

macos-10.15-amd64

6

http://whatismyipadd...

ubuntu-18.04-amd64

3

http://whatismyipadd...

ubuntu-20.04-amd64

6

http://whatismyipadd...

ubuntu-22.04-amd64

3

http://whatismyipadd...

ubuntu-24.04-amd64

6

Analysis

  • max time kernel
    35s
  • max time network
    62s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://whatismyipaddress.com

Score
6/10

Malware Config

Signatures

  • Looks up external IP address via web service 7 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://whatismyipaddress.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_857450206B889F4FEA0F888FA03D68DB
    Filesize

    471B

    MD5

    090f56ceff2e17497a8122e8108115f0

    SHA1

    33cff43a61846cf1584aaaca78f151228766f12f

    SHA256

    e8714c50267df7fee7dcbe8c923aa1e2acbfdfec48dfd93ff048f9394a58fc71

    SHA512

    3346a12bf270f4506623e6f72e03ac615e5a0380b7fe493ce11634d41eed6dd4197cd574c0adbe190c1961204d01498aea29f8c2e95af9f8a22be67a8ebbce46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    925b276acf36101cb9e2d141f8c994e6

    SHA1

    64fdf07d1e8fab38c7d8e24881fa9c5417e9490e

    SHA256

    5e421a0e453573a495d8e20d63c9250414fc839637bf98ac17f9a42dce528455

    SHA512

    e752bbee5c350f9d7521335c112974be4fd9fd65b6f0538932316852ec105728dfa089a4a619d5dd79435a8bac8e3216c25a78e267ba914e20ab15de62bc378a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b7db4dabc21e4b8d4755bfc1c5bb02ec

    SHA1

    b4a589e6942b6eba8d9ec5af44d1a7a48f7df85f

    SHA256

    4f5e97143f2b0fed65467bc02a58d02a7bd07e2191aea7619604f958848a3f80

    SHA512

    112aa5e6836b4e18cd38678fe4a51d272496de802acdcd4698e4bb2bc36a1225752c10c27ebbb008f29655de63b3e8b163e5656c5a34ab65f011c78e1620c871

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2c2a50bf55e6b5b9edd074577e6eeccc

    SHA1

    bf29a24b8b958189c0f7ae6a699918657805a274

    SHA256

    ecd604423348ad1efd4790624e55593c18663406ff22e11cbf473115355e956a

    SHA512

    38f98952b3005c0add55e83383b207bf9f529035d2a6bdfa7a853cb991f1935325724d28cfb331f40346c67f88917a67aaece238aee91606603a50fd870546d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d14ea7514c0911d13b97635aa5b5c23c

    SHA1

    d83d69c8ab880139957fa419af77f8b10225b6d1

    SHA256

    63c84fd4647eb97a666a0ee9da67a3d8993dedcc5ba902b28b75c5ad1637ddb5

    SHA512

    21efb5a72c5373717d84438c037d41be825f930e8e2625a33747048a4b311f87e42a165bbb90eef01617573de214ef7e3beca6cd7eceaa0690b0d7f09a210525

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a3b3f048a506ec9c8dcfacb35c0fa9f9

    SHA1

    2d9d9d0d37ea95e23f24e30cc2e1b533212b84de

    SHA256

    39148fc1f9224135cec0d9bcaf6c6fd3cbc55f5fa0ff1d57247339fa774f8774

    SHA512

    1a1100b95e18ef3626ded094e4554464792c50f155f3f7cfc9b91b3877dc3f9d9f97c97574d656fc893461a9fbb208bb572e447fa8d3e5ec76450ad98d3bfd1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a1f3974ee6be74fd1af6ff3be4e8fe3b

    SHA1

    bea0fd8dd71fbc9f58da8ebd6d2aa8b14993a821

    SHA256

    ec1d92fe89636c78df5aefb70905b4476fd570f150e1c124c3a0cb1e784caff2

    SHA512

    ff170e08c1d085c538193d305c8a40886aa0e8d5e242c4d847d18bd55b4515849c6f88b018e769891d2cbba34a0c5c534759c069e6689de2e38c9dfbd9859550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    05f2b49f413a995e1e5a2a06c7e7b706

    SHA1

    314f79f2ef1a72160d69785d5f26568a12405e66

    SHA256

    93e0e63f25766776a7087255c222d5ee8f150fcaff6ec7f890660bb9b7d57848

    SHA512

    1591e429090bc246bb9a452b74417a9d29f5f22f9cc50e0cd8420bd94edb23fd9a461d06395f9def47f910f2f3493bbef3861d778c118241de6c31f55b722385

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    87941af87da6bb22e8e6fb1d76777207

    SHA1

    4a9158e4a140ff14f9373774fb6f314575b4f82c

    SHA256

    ef82b992a226896c10281b314266485d89c9fa2f778650c0507248ae1904b303

    SHA512

    985ff2c9c8d2ad77cf5a4bbf768fa3fcd4301d732ccc1e6d0af909edb58409a4fdb9e0a471b5ad51126385c2f16cb1f7f02d6662e9878e90ce420c900e6f2e70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2ae455c40466caeebe6f135b5552aad2

    SHA1

    205df7a88f3b6ff3e48717b8d3380122e64ac717

    SHA256

    e1f4c0825365c244db9dda2146abf687ba49ac3ac0cae105f25713dfa55b84a3

    SHA512

    3c22c47f4e489d9968a84be62d0f05f44d5ab53a0a1ee6891ab1ac8367cb1e0bedba8be1bb4f2312986f1e1b4365d6a5c1324f78f53997d4183cdbbf8361938f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bb2c3e9dea3caa75b0f68f178da3b430

    SHA1

    c0131697b6cabf314ab2ff1bd275b774400edba9

    SHA256

    1408977b0b54d88bd4ac4eecd5ec22fbd556a76955a8e20f1a0c82a734edc807

    SHA512

    1e7f498c5b802c2cdfe9710d703d6cf6bbfe94897aa6bf483b6447b522f73e7bf67dc0e2888b3959b5ce28f70f94bd7063c1b7b69fb1c765183ab3d291f05644

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\puwo4pk\imagestore.dat
    Filesize

    15KB

    MD5

    bd6eeddb99585eb70e57f464d59bcb52

    SHA1

    0ff947aad133c447f4406e94cc9ffd6dbdd4a64d

    SHA256

    072ef144e12c3d7283567b3e8461e5cfc699f8f9ab0b09aa910f7a4b2470a16b

    SHA512

    0d6aa41981db2d0ddad5f25726d73f8a409d781fcbaf7e95adf9dfd64ccb2da5314c009c83148db15193818e1d29a8467f07b0e816d87bda26fad9a44bcdd1ea

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LF9I1AK\favicon[1].ico
    Filesize

    15KB

    MD5

    ed1ad39a6ecc261f6abfa2327bab5756

    SHA1

    2a578fa8da6830dd2787ae8cb12e66ff5b040f44

    SHA256

    84886342ecdc4b1b095067268cdc5e94241959a551e0fdaa5f2998467f870aa2

    SHA512

    70b57ffaa1536a9461d16140fb2d1e332e32598ec08edc172250142ff3c5e7dcafdf7b38b7b639094337e9abeabeb99244ad84c291b3eeb9965cd9603b509e60

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6AE5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6AF8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit