Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

caokun_bbs...ad.vbs

windows7-x64

1

caokun_bbs...ad.vbs

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...it.asp

windows7-x64

3

caokun_bbs...it.asp

windows10-2004-x64

3

caokun_bbs...er.htm

windows7-x64

1

caokun_bbs...er.htm

windows10-2004-x64

1

caokun_bbs...ay.htm

windows7-x64

1

caokun_bbs...ay.htm

windows10-2004-x64

1

caokun_bbs...sh.htm

windows7-x64

1

caokun_bbs...sh.htm

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...ss.vbs

windows7-x64

1

caokun_bbs...ss.vbs

windows10-2004-x64

1

caokun_bbs...log.js

windows7-x64

3

caokun_bbs...log.js

windows10-2004-x64

3

caokun_bbs...dit.js

windows7-x64

3

caokun_bbs...dit.js

windows10-2004-x64

3

caokun_bbs...ot.htm

windows7-x64

1

caokun_bbs...ot.htm

windows10-2004-x64

1

caokun_bbs...p.html

windows7-x64

1

caokun_bbs...p.html

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...rm.htm

windows7-x64

1

caokun_bbs...rm.htm

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...wf.htm

windows7-x64

1

caokun_bbs...wf.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    caokun_bbs_GBK_V33/HTMLEdit/inc/MediaPlayer.htm

  • Size

    1KB

  • MD5

    7e8d90b47c67aec6564758b9ad5dd7f0

  • SHA1

    b09228b56703d5865d3be0775e04ec24f4497cf7

  • SHA256

    deb2759f342b0767b97df0915ab562ed550b040038032e94ea976da517b8cd34

  • SHA512

    4ec0e127b0c7c49340124c6a1ce5ab07b6e5c4369cd9f7f7cef26330d091cc3f6e43988688410a3a4a485de2e44cf0fdad96b6ab29ed7b227cc43315bf77392e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\caokun_bbs_GBK_V33\HTMLEdit\inc\MediaPlayer.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8ac8d871208aa9dfd9bbd3d7d6abb67b

    SHA1

    b32c795a8ccb98ff94a4d18dad2105a167dce92a

    SHA256

    257dc56fa5b7ca50e8d5cd0df2f0c4cedb3b6f0c46b1b77a5cc25272d1f66516

    SHA512

    93e4eb3e6f2a7b1377d44aacf5e775d91ac708153e6660dad1d3f1179d46d6c54f9947a6902465480004661b125f91b1640abcde2d7371eedc1b5906ebe62abe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6f65cf902dbbbb5453975d6d86a10bdb

    SHA1

    ef8e7be02583fb860d33fc870969d795985106af

    SHA256

    fc675e2b837f89922e864e713cca9293228e7651317de47e89d76fb4b1400ffa

    SHA512

    a9a57faae5d39ab3c84291761e9ef97f60cce3cacc8f34393146314d180ae769c2cf5b13e55c52e1013ff2b08791c0a31fd45237d81baee90775117ba0fae9fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    89ebaa80c9319dedd91bef068c4a61af

    SHA1

    ab21aa3a6ef0a414028c7ea30277ad00a8dbdbec

    SHA256

    c2f2df0e858b38a5a68d476f1b9b5cd0791e53e08204085ececb934b49347381

    SHA512

    f5d62f568e0f99ea984128c139d98934fe3be1012c7092f7e1c072f590ff6743ab8821fcc90aef855d5821377c0bc1433a843af60f4e3df8d6bb57e9de3c5e17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    085477302ca0eb7fabb951d14ea6f255

    SHA1

    50bf2d8201ab299c3f5b7d5a96b1b8dc6c0a92bd

    SHA256

    4c99346fcc417b1c95793d49e5f4c7495cc02badc12ab6790e2426d5246b1ca7

    SHA512

    b9ed5174fdf72ef06c88853fba04649eadc7d7d09644fd800371d55b2a53e5dcdc663f272407c1acb892df868c8ebc84aa3a7c1f2cd2734eac2540b8bfef795f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    08115d64b9804d35f2086423e47b5201

    SHA1

    5a08612367486064a6a73aa79cdc3e424422073a

    SHA256

    df1dfe110eec188c7a27d7af23b60a152d2dc3e3650cd268a7edcaf6b23dbb19

    SHA512

    d89c8001cd0031a6a381c87904c39066df40091224d3b2231c9c227365a5a800ef4522995580dce5a929fbc393da89b6b3be9c197904299aae7c8c36560e9b0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6ba89c1142df8c7a222ad92166e52220

    SHA1

    5adb6707008a1d6f7ffc9741907d32b069a4abec

    SHA256

    d3094d46548840bb16a7a3205a9cdf428f3fae70a0f7abee0582dd2eaf7ee9a6

    SHA512

    f759726254b74b4e49ff72f6f1af863227c1e3204fe86243e090cd215c96d8cb8e88bec7445a0591404b12390c92ca5c410b7eefb6aa50d6655612d4aa60e438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1fef0b6e5d927722169186c54085e304

    SHA1

    eb40f30f01281db9c3e0ed393d92473ee7f9185f

    SHA256

    cf6f6df6988d2ac317dfa96e12b3ac9bd6e24c80a01ccf9ebeea2de44c2ac1ef

    SHA512

    19e6315627479179c18fd875ac333253de1da4c84620a3ac901acb2fd762ee1e0255a7a0be3f5c4707a9c5b5b2643b226faf41082834206a234b68f6d4a477fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5a8925c306e76a0ad7ef4ce0d48bd696

    SHA1

    d71c8e3081d50d52723f268ae821edef845a1f70

    SHA256

    78eb5fae05a0c353a5f9d8fdb2ad9d0371fe045c433afeec5c43ab74ae043395

    SHA512

    2273d3c45873d72cab5ef81e7af70ea1b2a4a9157b31f401a2505e7d89fd4075efb6a30c7766da9550c040ccc011ef209b17699594e3ac34416a9a812263d4cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d5c0ceb3e6282af3acc0bb818240b226

    SHA1

    a6bf71ce9ba60c0c93fc203c3a85dd299a57c43f

    SHA256

    eb6ba065d9eedf93f67f8ce3f110525dad377791d16389dc021b4f3433ab66a2

    SHA512

    98daa6081af52dd6324511156005a1be0446d838af8047075a536301998fdf781d2441cf8bd3a38bb36a5ca22d060b4d2154ac5a82b42fbfbecab7bb3a0cc4b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1fc1f02135445683dda17a6e03c4692c

    SHA1

    acf162d3bd984f396f61f9b5f9601ea84faa3a89

    SHA256

    220cc08c76f95d1ff94d2832505d4810aaeaf000b59c2f47a4b13180b47c7f72

    SHA512

    97444adb66b17a1ae31535e1ad3032c38b6e40c373075aff39f491767f050f5a5a39b27246779db3996d163f4dd1069294adbbbbc887dbd190f3b5ab4196c535

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e7dd535fd9bfa7f554001d9261d7c612

    SHA1

    6d42955ceda8094bb9dcf68348879c02582d0438

    SHA256

    efc90be8b7aa639f8b87ae3ecbabbf403e464205b8385aa484d42db7bf1d1098

    SHA512

    31b631ef67fa3884db0383e3f826a58fede666c13c6e525d4ff01257fbe7da5c8bdd2e0fd94df0a6df572898005fa32be296718993cdbb3a5702915d7f3cee16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    87cde6faf2a48acf46e60abd99d26aad

    SHA1

    2f9a82d48c5c138959dc60116c32df959eb12392

    SHA256

    edd411a7bd56d2d18046fa1d1b9f331c924a0bd0d22f23ad72623cf21d63e815

    SHA512

    f1b9e5aacb32fc9f68211f88c427f683229079f4241a950f3414d2f362d2a61dfe9c537bf88ded7d2d51d2573004b068fb67718cd212f5272da7e87556ae3770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    67fe386da9b4220052a97f968fd3c771

    SHA1

    bf623f2e5ce163dc6fcfb6bb9c6f02624483efef

    SHA256

    a873b2c525fca6ee9c241ad8d9d82aad298bf605c91f9fa3be4971e2d9cbb7b1

    SHA512

    108dfe6c644deae2c20818b83f2caa3d9d9fdd9ce35ed4c95786dc41e551bcd0a011751c8faa8cb50e916d218b1d67681b7f05eba4a2983835677235e496bb80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6d574135b5e1484fd83eb15f4385bb89

    SHA1

    ab240346dcc311cc63ceadb4524f8e4e496294d9

    SHA256

    576dcabf07bc59c93e3af4f3839acc47b991d09724bd677227a8e10f40394bef

    SHA512

    439bc7ba2c7fc538356ee372b9955c4c30371a0489c86d6d6376cbdd657cd6d655265a2a58930922bd4ad29444b9a639ac38b3d7f0c339b35e59e02389dc15b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7b816b6e0eb6c74522f5726129384f94

    SHA1

    d3de6d4da375ea994e99a4d5e0367f5ec8292213

    SHA256

    935168d37171aa2e42bb7695a2f0015f90afa722e8c7c529d92c9c3239309799

    SHA512

    bb5585af5f2d8424c941ab7e5766189b7acf1628e1ea569b9565f190898f1601e9244c59f8dce3178d542000e78dd9b3a174a7ac76d010c552c99382cde4f316

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    75517f9d925cc82df22fdc7073eb4c0d

    SHA1

    683ca0e3b18e3ea22ef184b4ea6230cd787b8980

    SHA256

    2681be4364eca1f82e223031fc3ff55adf2032269c8c98be847e67c589d6668a

    SHA512

    73df759411193822f8dfa7c7e5241b5f9f4c557525e0170c84fc28a314d55c4f0799663bb6f45e76a327737e6a05a2b5e8874cc0239b8299cb86ea78bf281aa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    13e89ec121e303ae4d3f1738adb89d01

    SHA1

    57e4b9d65787a3b2ffc090fcf24084bc269314aa

    SHA256

    1a74e2c51cd3cca06288d3e1350bf19ec38c0b86f04cb9629f977ef6ee32c893

    SHA512

    d95ea6babd5bd3d778c7d3f72bf2527ea232f4d6f641a95687fa1f035f544480578ae37c230136ab59d8b13da1719c3648b853849ddb1a3edd40bd7ca9154379

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    80a66ba690937475aca3c2f5f3afda52

    SHA1

    d8231aa3338e44aba41362deb18659349a8aea97

    SHA256

    5950992aeffa943549f99fd28e19abd446021dccea98211a1d361792335119dc

    SHA512

    6581506f41f30d6cb881cb3fbe027a6fa7a13f8216f9f0e732a847b50fb57db0be8d0c759dcd06dc29f2cd311c94edd6cf8a8a04328e768e44485b641ed987f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b1a120c9702a257edb0e8a400cb3f637

    SHA1

    5e23f2937b6b21d37e9d02868ed0f823ef9c40ca

    SHA256

    3e2ad4b05409f285ea0718518b86fa176f14127d18277fc787fb0d60ac8fa984

    SHA512

    54e6a94fc24bf412985d71e277617e11684bf445d6712306c67ec988caf5e93e020f511b686b826047b5b1469e4fe33f0223830941497ed1a46bff765bb6cbb1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9F00.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9F90.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit