Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

caokun_bbs...ad.vbs

windows7-x64

1

caokun_bbs...ad.vbs

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...it.asp

windows7-x64

3

caokun_bbs...it.asp

windows10-2004-x64

3

caokun_bbs...er.htm

windows7-x64

1

caokun_bbs...er.htm

windows10-2004-x64

1

caokun_bbs...ay.htm

windows7-x64

1

caokun_bbs...ay.htm

windows10-2004-x64

1

caokun_bbs...sh.htm

windows7-x64

1

caokun_bbs...sh.htm

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...ss.vbs

windows7-x64

1

caokun_bbs...ss.vbs

windows10-2004-x64

1

caokun_bbs...log.js

windows7-x64

3

caokun_bbs...log.js

windows10-2004-x64

3

caokun_bbs...dit.js

windows7-x64

3

caokun_bbs...dit.js

windows10-2004-x64

3

caokun_bbs...ot.htm

windows7-x64

1

caokun_bbs...ot.htm

windows10-2004-x64

1

caokun_bbs...p.html

windows7-x64

1

caokun_bbs...p.html

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...rm.htm

windows7-x64

1

caokun_bbs...rm.htm

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...wf.htm

windows7-x64

1

caokun_bbs...wf.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    caokun_bbs_GBK_V33/HTMLEdit/wbTextBox/swf.htm

  • Size

    1KB

  • MD5

    5dda56c9a98aafc8e632a66355e5d691

  • SHA1

    b26882ffa52926e7e980d0bbbd57fc333f3ef340

  • SHA256

    6222a165e66e8c93316f6eeab51e37f1e978211978cbbbbeea31e8558f586f8a

  • SHA512

    c09e7368cb98d342583f6fa81c0848fb5ef5724ac25ebd73bc3127702d4490dd1fed1031b162728597345b86c418cd83e6cf697d7e9f13d1de00d2a26e195856

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\caokun_bbs_GBK_V33\HTMLEdit\wbTextBox\swf.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7b1bbe67e0fde38b6a99fc3c70ee79e9

    SHA1

    0eabae860b5281825999f4072485f0153c3c1855

    SHA256

    d676187236880e2435966049e63a7857af88b27cd71e13b8a518f4a93c120021

    SHA512

    25b276387bcc23d03547caf4b1daddf5dab8b6dda50d5cf374c04c9bc114f2353454d6d838775f7572fc7667161826891e763af77d89872146b745a8daae1da2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    71e064dd0cbcb26ebbd98920c10c8353

    SHA1

    cfee4c3d346b955f25212e48a0b08944b4f65182

    SHA256

    26775292f7774410ce9a7db334c0e0fd4be82c47875e889b0ee207f7d0667047

    SHA512

    a4fd67618ee0dcd8dfa8bf5b338459186a04ece8f2a8692517455e58a875eb38fbbe12912cb60fae7a284fadc3fc89c682eecd05799e92ef611e9910e7217e1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    058e1be05c771d2adf00cd151609bde5

    SHA1

    d71f215618a274825071098eacdcbf628456adbe

    SHA256

    3a7efc647fcdea555885e126f361f2373d26a3995e711414fabfca3b01a9d828

    SHA512

    b1fe6605750a53034ee3f67c043834b0e62c69e93bf5f2ecdc95abcb1592d2ce9efda30b8b7ffd3a45c71d89c7dcfaea0d6cde2ffc9a3bcc9c8566c86e289ab6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b50aba17d5966c20235ce1761283b7e3

    SHA1

    197fae02fc82cbad66c3a9cdb20c43500562f346

    SHA256

    311216db64fc3369b4559907f00180cbfe17addcad5a17986b82984f682bc6e6

    SHA512

    51c8bdec3a749f10695371b72f4bb3eaad4931452ff8e76346273e366908706c126eaf8e8fb000e5ca10da93a7eaaf4a8680af52342dbf26fb846f7600e0bc99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    78d681bf355990dcd42c907cb351ef70

    SHA1

    1958242cf6ac79b039bdab808416c8fb1aa00a12

    SHA256

    82491116992db5cb518de2cbf7f3b9ec6b573b5948eb5a4352c091a70a43d063

    SHA512

    275761041130dfc736a7218a37467c18efecdc9381436ee347093c61abe24c3f78e9c7eef94c89872c1462d12ad950d5b108e121fdc55b9e9512dc4ec61b9589

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0131e2a68e4b95b3a473f7ea2c0c2dda

    SHA1

    45340473f853bc36b18f11d3c97e664f7c403c3a

    SHA256

    473f15f99944867351566642448b4dfa026a2a356823d5d78ca9ec74585efea3

    SHA512

    ce9db62687b938c6788d06c1d4c01f021adf27c2d17d2c1849a1f20fcbf17c5d35213da86177571fe81c5b5f35c76df2a1f34c3de235059e403ea57e605963f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1b2f2709079592d8fe8e56eb0631cbfc

    SHA1

    1233dd601412a6760cec38759e265bf4dbbed6ce

    SHA256

    2e79f255e925898e27737e892f992d4c7a65f64ce798fc0b225c54c74c306cf1

    SHA512

    77f684e6bd18a016d5b12305e2b5a9a62c4cc3bbc0ab320f6b3ea8678b20f1ba699e8f068a81eff72d41669b2664f5caa67534ea5da272ed2bed969ec25e9b24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6bd268a4f4284a67317eed498d1dd3c0

    SHA1

    1f087cee47dbac4980743dec2fcf94a9f59cff01

    SHA256

    2484fac91f21809968ac31a928fd629ed0fcf655214739017f28fc947e1da1cb

    SHA512

    d6c0f291ab8cf13c21894b18a042e95b8f98ff0de8fae8b0ae8ac73cebeb6b24acf45125948b4fca5fe630db42147100cc5dca3ba2ce184c830f04ad37a40157

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bd34debaecc78cc59124b598a17b8c9d

    SHA1

    80e7a3360e33ff5396bf92ca5302d7965cab4e52

    SHA256

    3b4d22d4521b5c5fd46c03b0eed8dcdc5387fef98cb0b2ab7071219c820f4f3f

    SHA512

    efa6692217dbbffa3e89fbc821de88f673c70ee5f6ae0d4fb52c51c46f8645cc74b093eab35a34ac89e906bccfb6dbc0e9cbe5d4d65f7e10364c8a5d75cc93fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a42852fc6c940b43c2c908124f8a9374

    SHA1

    9262477b1284b0ab88c19a8c681527f4d7c34b6f

    SHA256

    d79a289eefcc6cf6da80671fee4a0f4326c1dc27efc9c6659fc485c9cc24841f

    SHA512

    6f60bd093b2b9e04c842dd9256f7dd98a7e4f54c50273e398384c6e13663a34ad97e7dc3a15dcbf16d66214e795b63f6aff7946ab66233596753d2b43ae242dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d1e63a1d29999a819d1ca639f9b72085

    SHA1

    a3eb1c826b1a3e1291b73b67a3091bf54e07db5c

    SHA256

    1ecae3a65fe372e597c0caf625217902ec67464a93db37d66260dbb765f7178c

    SHA512

    bee2faba06e992a8ff502e38fea351b40e4a6e2b3a8d8de068773e2a6f290b320148b9c67ef71131ffff93f3beab6e7f1f2a63b77c77999cdec88dbb33d21193

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    71e7cd067045c40f247d9f4e861ed395

    SHA1

    b3712e513a02fa61be978d533a28fe329a742927

    SHA256

    96b63888532964ac11a25dc84ce767d459a842225609b898e2ebda95cc036726

    SHA512

    e4d93f29840c0abba98ec61044e4784348b72c4fafa543c3fd482d72ff2e14a295812051864505625b5cb1541b13e750a2ef8f58cceff78d83cccb4100e25f4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    08adc65210c9ec32e6e6deeb42bf3725

    SHA1

    104fb75651c633473423172c52bc22fe34318974

    SHA256

    f596f9c290031f6d71ae8ef15e2073cd8993184eeaf5c87c779c2bc5ff4fde49

    SHA512

    1b3fed9052d17d6704760b7ef8c520146996ca7c598aa952630754f5db30c209cafd458bd572a47233dd4388d59d4c4464f08f53c25b44a6a1a80a5a3927e85d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    917d05ddaf641d3ace400a88b039f8be

    SHA1

    9c51b1a5c2db2e1dfc2db105662a1dd10a95f29b

    SHA256

    4ebbb36949dbc4f30de8a0fd7d38e1d017d2b5f72dcc67bc3a662139ee45e065

    SHA512

    45f44283c171977edca5f8d9dca183fd346730ca0a66f415138a5981159c45962a8d56604dabebc735a64dd0369276018d564b34f56586b11772af8f00a49eea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6c35d88505175f5aaca2e7e9a8380a9a

    SHA1

    3f2977e83b1679c160589737b17c2eb178a990ac

    SHA256

    a718f2bdf49dbca3d26c2a16260afb2c6ea037603886f4881ae87e42b6403307

    SHA512

    6142ec801c46bee04982dcdfa8ed6587f93fdc16861c626e74b951b3c0c5f38b8fbb4ebffa417023af5cd052f47be8a629ad971033e920dbea07657d5363383d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    aa334f2ef60428990a36f98d47ce9c18

    SHA1

    57570da1a5b3215f1d0542c3ce202f447881585c

    SHA256

    08dd8002d00795ae7427cd4a492f0e4d520fff9bc9271a54a8ff3b9dd985c162

    SHA512

    7fe0e83f4a58080c5fab3464c82f175b832ef7fdbf84ce13dc52330f7e6ff6fc63680a7f7dd317e2ed959bf7f4565535ba5bee4f21be997db8729127f2e51bba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    61b534f318cfe2a51219f3ae224b302d

    SHA1

    815bf82343633cdbc5c19ab80d2a856bfb386f66

    SHA256

    fe8ba76261b5237d9cb28657585cfdf2da48bee2f6b6cb0701e16e061f77ec5f

    SHA512

    59a3e0607a67c446aaddfadbbaeee291b9a5f76cc002f27e0445a53b4b15b317bb55daf6251fb5071f37b43508542743b0afc3ab72d39f80f43b0f0b7d5a8d65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6cdd2443fd9dd86c7e63c2467d00cb88

    SHA1

    011e9d32d0c4544e3afce9732b608748509c100c

    SHA256

    e84a260872e0d6fc35024a7f410855c60bb00aff5b3099233471aea9e02c3d79

    SHA512

    d53906c6b813c82570fc4e9f4235f52377c8eb4447d4bace2892de3992159974f927ad3cdaef6a8a290f154624c68b53b086e1aaec9671e20baaf79e2488e240

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab419.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4B8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit