Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

caokun_bbs...ad.vbs

windows7-x64

1

caokun_bbs...ad.vbs

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...it.asp

windows7-x64

3

caokun_bbs...it.asp

windows10-2004-x64

3

caokun_bbs...er.htm

windows7-x64

1

caokun_bbs...er.htm

windows10-2004-x64

1

caokun_bbs...ay.htm

windows7-x64

1

caokun_bbs...ay.htm

windows10-2004-x64

1

caokun_bbs...sh.htm

windows7-x64

1

caokun_bbs...sh.htm

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...ss.vbs

windows7-x64

1

caokun_bbs...ss.vbs

windows10-2004-x64

1

caokun_bbs...log.js

windows7-x64

3

caokun_bbs...log.js

windows10-2004-x64

3

caokun_bbs...dit.js

windows7-x64

3

caokun_bbs...dit.js

windows10-2004-x64

3

caokun_bbs...ot.htm

windows7-x64

1

caokun_bbs...ot.htm

windows10-2004-x64

1

caokun_bbs...p.html

windows7-x64

1

caokun_bbs...p.html

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...rm.htm

windows7-x64

1

caokun_bbs...rm.htm

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...wf.htm

windows7-x64

1

caokun_bbs...wf.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    caokun_bbs_GBK_V33/HTMLEdit/wbTextBox/replace.html

  • Size

    1KB

  • MD5

    0f28a1824a2571e87147d52ca5040abd

  • SHA1

    f530eda7accf3de2ea752f1471a53e6afde8d6d2

  • SHA256

    2e5206b855427890b5153862e34f74dc08ebd71beb81cef33ee3d699db3fe834

  • SHA512

    9414c5ca7f91a02ee97652da7b0bf6afdf39b83aea2694c1b22645f5b55b99fb970ee2564736f410f3bd02733a6588c15e49603c7d9a1b36237520c9b0b5e444

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\caokun_bbs_GBK_V33\HTMLEdit\wbTextBox\replace.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2780

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ef06c0d9ed63716ee893c4ccffbb166

    SHA1

    a3509e5c33bcd13c8dc0a7294bf9795067eb69c2

    SHA256

    dadde28b42811ad0a584c8750855e64089646500305ade58e2a997b23968eacf

    SHA512

    dbfbda6a61ff4ba242a209246c901a29009cc597b912c04d4a33e71bda3d3066ca1caedba2b2afa198e66dffda2136609d755031af68914bc7ff06266597249e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eb631e608878c64454fdabed417829b

    SHA1

    1a96d5caadddeae5a0e75fedaac4f7cf7eedc624

    SHA256

    4f9a0197bbe8b98b69f930b2798b2d0a16101f9eaf10e57a401bd51374f4f90c

    SHA512

    3cc63f53e04844f195f178699fd3559e6ae076d64543131d2716e7d34cce4579a0e55a0f154d5b66da7204dde70294d2af440030c9e447ef451e4cfcb888290e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    512213c147f5b2039420acea6798e0ae

    SHA1

    67b526f7295c008354f6de1a02fc7c3b155dd7b3

    SHA256

    b8ba6633805e441ee9bc8fb83620fbf8d7fa02a778a8766fbda4ff7b59539806

    SHA512

    b2295e3e3f83b3e2f599ac92d50f22e0d8eacec34137215aa006c3bc3b2c662669bd6e611e798760d8dc2ee995ae6d4ae60f8055193959d45bc0dae21ff7007b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58f77e4fefbfb4ab3e9fd3e2aaaf0379

    SHA1

    4a570dcbbd8de95cc41f59e9a33f4994f1201e1b

    SHA256

    df7307dc0641b67934f1461bd25bdfcc1f94fc1013fd58cefb48cf443d2de929

    SHA512

    019fa1f414410c57f9db33ed919692c7e16157093dae321650fa1623df59b94e8b3d087b24ee610f49676bcc5141541eba939738013802e78d264258b27eff20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b52c993c47544d30e4d2c9f32c8cc6b7

    SHA1

    057907f5b4267ba86742c8343c68b8a9314a6253

    SHA256

    93871a9b802d22a9a3c0b3ef63059a83cc4b4a3d2c90edf32530b8d322fb7c10

    SHA512

    79220a80bdc10b33a65b54342b5f5fe9730a0932aa936a0653a9d5479cae77a3f7b396f08aee6cdb7b6f42aa91199c5004a9b05dbd3d555c3be751df301c925b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f922739fc31d2a02bdf8685d4328bc4

    SHA1

    c9a2d2f63e8df7d9aa6509f74c5c8fd4436f8592

    SHA256

    d85540c0b74ba58ca0c9366021ec0bde378c09a8e5178d011ae4b0670c310e88

    SHA512

    18618b31ca2def09cedf3a490e85a5ee0cb931f04ee1e6a1b5e827caaa937013af1fd128989cd9a67ae0210ba232d6bf69a433e90c6847bd818ca6e960a28d7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3ad280cff3cbef78cc54e9029864c1c

    SHA1

    ce2f47b6c48d047a44ced003b9ed2a55d3728494

    SHA256

    1fc99db4a4b4ad7b92341a445a61b8d45fefe078aaffdbae6b623712453b5937

    SHA512

    aa2e69a07548d3993006bf28abc3dca586418de7d1f5aeb2c560c5a1231717aa08a99d34810d4fd1a1a331154a03e40e4ca4e0469a2c617d30d436ddb70902a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dc92306039328043b30457b04fb4f51

    SHA1

    b008cb34495e566895ff6c024b0bdd1f0a351208

    SHA256

    037ce991d140590d58b4a5d541e52e13362bbfbdadd2bfcae66fe3fdfdba3043

    SHA512

    43ba9d49a453b69511a75041bedb6b47a3c1e1698964ab3cae3249c768e8075eca267a327e25379cbfed1cf35a7a994cb96185910779926791bb8d0e91738471

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44ef833bb77dd6f28600c2d54e186f13

    SHA1

    229217d97c7cfd72943a4a6f1d812f44a220965f

    SHA256

    f45267dfc62bfdb3c22ddb2984c3945ede132eac61c691b7e7074b8a3512b2b5

    SHA512

    9ca14a348b5fcc92eadbda83faedd717c83ff689d01625e2d31968187ca7a27ffe047b4d95e28a40c33d650bcc0e71ea1bf2e362165293ae14c6dd5a80d7fcf0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    500ff8f2ff161643e87b362dfbae46ae

    SHA1

    021cf270b0e214c1c68fcec97cbc73ed9c6649f9

    SHA256

    71a566f8212a4c326a9369ab4627e66de2b0fdef4d07e6831a564932faab377f

    SHA512

    804617fc66b3f66c7cf223fc3b6fc000fd114bfa66d18db0df24d61bdfe0d89a31140f868563401854f429b0b03a0d947f3786208b7404cff7737bf9844bb44f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73a5227fa938c717e3abde4619947e0a

    SHA1

    5d296e08b35f220c0a695b310e5bc7ce61712352

    SHA256

    cbda2f0c1721dabbca4ccd3d3013432dbe5c69dfaf8c3c43e358a5df57bba80a

    SHA512

    732ff9f5d47023068d0b07c3cdf7096c860bf4afaf612361d13193285f780f582ac9e48fd60c5ad62a85ce4804803e3c67df72fc8ffee56c0e0c46cb732e201c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b38fc611874ced54ec6e0c1a3204150d

    SHA1

    06eb3a7e7b5c5db82dacaf5ca4bcfa5ac1f317b2

    SHA256

    6e0a6a16db0577a349e045ffef0a90863315a2c0f6f75a1e1cde6c38de1ac798

    SHA512

    22e34261a71c913666d5f97a5d2da2d53405ec6ba7bbbe533187311123a883ce60711385edc47179ea2727b821d1d40b908a1d1cbcb05b7f92d794c3673500e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6deafb9e678183bf504195ffac3c9569

    SHA1

    f1ee06f67bb16dc81441ce0c7bd137366f8708e0

    SHA256

    3cf48fd401a744a396df6456b6e4b5f5693e80c112ac803a189d99771c757d8c

    SHA512

    2e84d00cd5aeccd001c2b0a7d9fc928245b701cc476da3059f98093c7ac21d04139fc4717dffc8f951712d167a4e75aac1634b60a629748c93af0efae2a4a5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b23e3d8209b6b790f63805915c63cc25

    SHA1

    b4cd94c88279770d33bafe9496d074b578f482fa

    SHA256

    07c4958b37c43a37f4d13529bfa40cde1714f9cf0df4bbc243db6952cd1c062e

    SHA512

    47d8140608ccc88e6ca9de4ae218f7b0489185646b57fdeed1b4e4a77c0dfb0b316d30a49e19d1fa7b1e679c34d4bd26cd7e22753562096540c03d4ed0958457

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0da0a3b6329da087d5b9dd6d43ac7f2

    SHA1

    e45c294b25b3831d269cf4e60aceebfaa8263e33

    SHA256

    ea7d84cf2c38d663ba3fcec949ae89346939e14eed470705429559068ed3f40c

    SHA512

    439de6d52875afa57e8f34d51c0d60d7f8d1914bf0a95197ee4d5de7a7f0d22f09d55a5d8f022d33ebf433aca2a2ca9c012c7ceaac25f09abaf6417988ab8a34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16593ec931799c0515352432ea15ead5

    SHA1

    f359c20e8df64f3bdd9b12eb3e77c9471aae885f

    SHA256

    ac2a3e80a9e8b9c6eb13bbeb9fd41405bfacf7cc48d178407ccfa29119aba04c

    SHA512

    06070ffc869f23fff6b2f6216c819a678146c082a1cd362767b5f172b4dd71a49b8664997569cdb97501153105246cb114de527d737a42003d1fa974ccaa81e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb3545836c8ea07f8b6473397e582490

    SHA1

    d5b68114ce556d9c873bb091b5f7c0f7a91c7fdc

    SHA256

    18b217e00c59d076480bd7be2afaf2e27d4889f0559d1281b04ff7215bb7af54

    SHA512

    9657f97f244789160fce870d6f0fca6231b8156aaa46e50ae8f566f4003980a07ee6d97a0a756a281019abb0606ae2b39417b01e22a5161ba143574bf4ffb4eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b5567ab1c9835e54d60a3997f56dcaf

    SHA1

    88114cfba168fd6257d0a4c090913974b1c8f24b

    SHA256

    ab7db6f9d0446b5f900199e5dd00ee4f8bc2aa20518cf3280dbbea2e6d54d2fa

    SHA512

    6b1553b803a5358a0526a0ffa56ca55c92f40eade32a0849a51cdd392d66f90bb812d34c3b9bc8c8725ec86c6f87289d78fac184af3b0fc7a43e44fce96e6fb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb7c1b0ea5bf15b7eeba526cf012e411

    SHA1

    9f8e3e051c6c23198e09afdfab414694892cc532

    SHA256

    f70f8971c52c67a3efd1b73bebaeaf53318139ea679b4b01fedc6d47ced2a3cb

    SHA512

    075faeeffa020cc01509c4e9584c822462dc9a7cb93489a847cb6462848faef4e73c8bc4629e16c80253e914a7ba5808ef6af0480181974e6347941213895bb4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab313F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar31D0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit