Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5a6f5ade9b...18.exe

windows7-x64

3

5a6f5ade9b...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

1

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 04:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $FAVORITES/Ա.lnk

  • Size

    1KB

  • MD5

    62d588bdb74e4e2e5d1689fa9272ce39

  • SHA1

    9d0db515d8f65e57353381d707060f7343a74da7

  • SHA256

    248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

  • SHA512

    cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$FAVORITES\Ա.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.mai520.com/?taobao
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2076
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2308

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    868e53cbcac34a5ff4ea7ffc5a805831

    SHA1

    ee377d2483eb9b2b8c563ff63bf6245dfa7e2ecf

    SHA256

    677c67cf858e206ac8bc062c5fc079c9957e377dba43b125f1eb7150e04efa80

    SHA512

    75023d231308ec067d48f99347f9c6f3f22267fd7d58132bd87d8341a490fdc08dcf1109c786147f57538d40f33e627f167d58a48c3dbe4f7f86c839a4a6cc9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51c4b3317ce7266f880ea4d93d36c600

    SHA1

    da9932f59fd0421c50050f69e5d91b2874d88293

    SHA256

    9e17a43baa5bb173e897808403ad0ed0aab7295f23b21610e18151c7315b1e2a

    SHA512

    6556128a3e52976243abf9da22438ae53d1a648f65b77c6f506bea3ba0838500d7d4c8ae3cffe72dce60397a3c24842c351099a4ccb4e38dfe5a64c2399de08d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    112e9b8e32813bb591a53fded5b35801

    SHA1

    2ef044be7987b904628d88937d0d06eefd9c6574

    SHA256

    38003d8b848346f9060b4155da69de8ffba56ae413fedcf7f59812e8d8629495

    SHA512

    aa38741e729cebd279c2baebb102f4c5f97c15df3031e8bf3d60142ba044e420a3d0b5d652e96f1c87422b409dfc66d664b8765dceaaa3381e36b69dc8a618a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9bbf167abc4e477ec4ab108d236ba888

    SHA1

    5bce4face37bf1e4bc91f00078d7856d4060f3e9

    SHA256

    1c9d8949cc58829bac860e7dfb4f9373ce7774238f62bed1269684449c50d4b9

    SHA512

    9d63038bad3504015a4e1a6117e39fadcd3008b303e4d428d9607bd61463f0c82b4dcb1c7445618182c4e7b4731bbd0620283e66de73414d8eee30715cc29f5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d84d04a393e769d0ceb5a38bee5d890b

    SHA1

    31823e65c05e6284a5636f5f9ca7961b2e939fac

    SHA256

    0618b162754ddf194f6a76cee0a626f9a51364b932b0ea7494d17de5963b31e3

    SHA512

    aa41329e3d96a1272586a447388f884e3285fe024e1d5c559020cbe44357b36ca692ba91bb61107075fd5d0b4284f5c41e5ffaf2aaf11fdfedde5b9423d666bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f485a900cf4ddfc9f3d949bc0bdf13f

    SHA1

    69240e38aae08052246dc584b3a102d30d71a858

    SHA256

    8336d160e298c8069396d6a6e7e231600e2d47d26fcafbffa21d2e1ff3e1cf19

    SHA512

    c67e603ab841cace332cb6a7f35f89e60802d314dacf4290cf7514a1be56f401b833b8e42cb8d80eb7ad37d44fad9eb3d853a3321761890ba7e5359104c146e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    058a44e5b7a336ba4d65184127bac9eb

    SHA1

    744a0c6637d1aa3483a9185f09b5ae2ebe2f0c3f

    SHA256

    a80d1bc850506299f4380c309bd810a58bc8ca86b682c04c88a70a7a5bb92866

    SHA512

    3ed4a7de1a74416dbdca7f8fd3e3dab40cb0b830ef8e27dfc2bc342a0f3510f33d969a1304768c83ae1854af66dc6ef3298bd4c7dedcb33ce3ef8148709e2f5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68e064ab977b3802e89bf355a355eb09

    SHA1

    38d1ad73467b0658f298dfe31222ebda745b1fc8

    SHA256

    145c22950e7901827e0f7e987a9dfe29f0ae267bcfb0ee92420c6adf4a2343ad

    SHA512

    d06e01ae2bc470918d5c3456307279eaef826f2141e4a7b107d72100f11b6ca4164923914da0885aaee41660064b5f7fa162e66accf09ce580bf3af4c0fb86c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1e46ceafd1a2270cdaf08c807b4e6b3

    SHA1

    b94f1290eed114a4119e256fb02a9dc1d85090a1

    SHA256

    1f3b58439ca1b32726eb267933cf467cb526469bdc5ea8f82769f485053bae70

    SHA512

    67e8aaa3c55716325575a0b5b6b851673c9422a425d03c6d29f004e052fa718aedf5c23fb3d963c1a23c5f58c95d3214a39776fa8a69f2cfca9630e2b62a54ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6eb15e6999cd8dd389e8c223cd50f3a

    SHA1

    2e2b257fac6b67d5f4e6f6feee48907f74c4661c

    SHA256

    1bac88e1d056d9237e80af72a64597cf38010d1268aa621cade14eefb087bde1

    SHA512

    150affef159922e5dee4731866a520404419c6476564fb50b812da3ae88de8736ca3c83933e36a4c12254a7dc6a25f016d530add9c7ec049837d065dc92ffc42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    410e0609a971dec241855ceb292dd058

    SHA1

    f4f8decaba4f7aee2f75cded08034f7d08e115b5

    SHA256

    4ec2bb2964d38a86fb4b6e3b733b6ac486fb105291f46bf09eb63b231cff395f

    SHA512

    d067bc7883ead8b32598f9c2b6a6fc98a0fde6ea2edcef52f1e2c03cb6bab18072071e63c2c6fa875bace4633310a790fb9c766d9b30e51a81df3b80dd4d5388

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4aac84294155aba42c037f03cd07c466

    SHA1

    d838423ac9c2cbb1bd8178152406c1cfdfd1d27f

    SHA256

    8a3c6bf0330d998006503865e8e9f329c25d8e021ed36a91a0294f799013b177

    SHA512

    548128f5ad19f2991216e5ac3df2ed1c345d59096cb9ea23262c357317d24dfce1c9d802018abce535a631d55f6ef695f1ac61236397cd4047933bb61bd13a23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    151b0d904eb71a76d16c3744cca1d9a3

    SHA1

    cec91c7f0c12fd5ba8141fd9eacf2acda16ad638

    SHA256

    1a48341fe9008bff96efc184c7404a178a24bec9b97496e09b1b5791590df3b6

    SHA512

    fb6a9df2bfd4eec6f32fc7e8b0a4b9aef753b4ef35c6cb129972a896d392189b0655cb1743d2adfee79325557f91df4c76fb051a4aae797ce75e7bed3e7b51bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eba48de49b5028ce0704090cdc27426d

    SHA1

    94387b23ddbbf33048f2494b9ea33c9bbcb891b1

    SHA256

    36f6a607a196352d2d381df10fc3af0725a9815357c71de98242bba41e70e302

    SHA512

    1ed350b0c1d30419056f395fd8bdc648dbaf3205f9a3606bf838fb5e90800dabead2fa3ee4fec10e82436fc4f0421b353b5779b844c90e5ff660487b401e5533

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bb17e009cc1f2ef6dbbdc9c6c681bb2

    SHA1

    152cafed8ab357c24a7601630da4e7bd20da4ef9

    SHA256

    87946f143e66c61aac973ed429559c19e5c8c6d0a51830c0830b91ad1afa3460

    SHA512

    68c8557108587ad280b909bbfff4481d3eede82b4bd176e680938516f65fd47066a73027b5ba1814b92459476292090a271f9e4071bbdd8817be4ac622d75ed9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4fefc434874d1ca6e239220272eade6

    SHA1

    8034bfb0b2d71b078a5ea8708943b58b3dc9ecf0

    SHA256

    c0c6b9db9b50cce8d48f0b365ce1f426118366e20573e9d3c2d02dacf24cd4d6

    SHA512

    5694a9d5b9a8a2de76c0e6094e46cda695d41073d906446cb4ac945cf9c62d9cacca983f9627ce98a9298cb23ebdc0a0239678110cd020506a621f68c8dfb5d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b873ecdc999c080c68c9b0ad2f8d2896

    SHA1

    de4df8208b0a41f35b7711bfa075df63417f4212

    SHA256

    c85f3e770d558ea1f0fad91d112ea20e408b4cb75e34ae7d512bc637fad3ce0a

    SHA512

    3ca8c76b61a1eb10adf96b0c05c5b2875a9a2a9cfb7fd84219fbb56da0154b36a2aefd55d3c68800f9691aba5e71fdbcc812577a7c87a60be414c84e935a994b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd554b26f8ca0cdbec0057eac2bc4fe8

    SHA1

    f462338dff22c3cf2b510891f3932d2c2b015cd0

    SHA256

    a98c975013660b7e28cd440e110df532655d1b355fca53af98c1c7674b2fd58c

    SHA512

    786ec42445cd1db2a20e14d92c56d9f84c0d4db905daf7657850c4ca3bcfd86ec8aa7d2fe05922b81138121bb9a9c38218a4749b0c826b63e0726d0d7054a464

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8E2E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8EAF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit