Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

663df3aec0...18.exe

windows7-x64

3

663df3aec0...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 05:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DESKTOP/ԱմƷ.lnk

  • Size

    1KB

  • MD5

    3801cf5240ef322de5fb53224f763068

  • SHA1

    e4286f9b6e5986b6a237bc70fdc03e8a36287e11

  • SHA256

    23dde6d591dc39c8b7901a49ce2edbe1591ef2b68d69700a4c81fd741f2d714e

  • SHA512

    3d26058c20050e236cb78533485dc2dd02ed6be0ab7037e8eac5916b75abe189d38f57ed45899787cbe69318ec4d6763633d1a8a96600fd0b20b83aaa9f03ef4

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$DESKTOP\ԱմƷ.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.wagabb.com/taob.html?desk
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2212
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    73fcb9128c080fa820aa08d66e5ac6fa

    SHA1

    e4010d6a48b2b2232d085ffb193132751adf1a8a

    SHA256

    8a6b3bcdd4a4aa5a6fc0adbd9ae2398e340baec360cea086a86c9019534647c1

    SHA512

    7ff7c0189c1a82bf36707b15384059aa81fb1996b1bfbcdfdadf8b061fb97a33c5d209524ca95592896cddd974164199bdf0cba4d67688b6df7bce58bf88d309

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4d70c77649b18b228ea177541b888e46

    SHA1

    d72353e7a138f1e19c3e6a50524888fc6c51c000

    SHA256

    e2f0cbd3ccfff473549e9bcd78880f22d739f4b4ff9e91fa5f6ee82fb8a15c12

    SHA512

    9f82d1ea841959b47e9d283dea0cd9d2207fcbcc3fb25d80aa726e1a9e0d758a63e9f1133690373cb02f55af2537f31474e346662a60681d1968cc394d2559e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f76c7e09b691bcb0549b9cfab4567da5

    SHA1

    c79139025ba1a367a503ea2902dfceed965e2c6c

    SHA256

    fe7f82ad1e5c2dddd3569de8cf21a5e210071cdae962a879dde88cb422c86ff3

    SHA512

    ab130f50ac9934c97396b0b844f55c5c12d6e2ff7d1ed5aacb176a98480b80837cf0a8150f947b2b23d1f43cac94d0ca35892152d798dc1042d86902e36d4616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d322b6b0e214ef47afbef6ef63bb45eb

    SHA1

    a24fa20a30c8fca039c2a7bb007e2177475c4153

    SHA256

    1737ae5cc4b665aa8c5ecee95551561bff47aa026ea69d38a16a2aef9b335857

    SHA512

    eb0fe82ed3c5f2af07f199d18b791a4aacca47a302ae94d1eb2a14a44dc31b3cbf22d06762646dca1a8227f223da17e644b4c13ad74047701faed56a1bae3018

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7830a0416699d1209dce28722386f96c

    SHA1

    44e64be6d83b6c418e99124dff7f017c5ad1e472

    SHA256

    cde4ff3a0af8e76efa09aebfea6502e266fbb2cbc1df953421ebd62c783a0866

    SHA512

    2bba59809ab5b0e57e02ac35b5d7feff376dcf539cda96d4d8b55dfa2d8f9ed384b41908bfea055ff030d0fa8faafe280551d9d0c83448f3112c46317265a0fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    403f06f542c3ca6fdc9c83496dfaea07

    SHA1

    0e9f3047e1f2b805f0817bde7a24ca8cee3ae1ba

    SHA256

    6dec39dfadb3bd06615482e37b821d3027be343640bf78c66b56ade4e03d7d7e

    SHA512

    28d2bb016cec1d13bbb7f33f6fb41de0f5f491faa50d45924b97d479e4a434ca2023fd933aa1f2aa2408554e1c19323be40f4cd00ed30f8fe33b51afa44ec27c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    16a89003131ee791df9a969b139b7e20

    SHA1

    422e51d9e173b9dc0471575c27e56a7778c30799

    SHA256

    272b059af25e51976eeec89310f66b9264fcc36c0de3d8228383a6930a117b80

    SHA512

    77d88267e2ade1e7c1e4c19094344848d822c67ec41e74f9312b7d911c6f2398c3209c58247e16d091b172893cf77b14c6e50ccfbd87c760fee7adf93aa27f91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6b72345f8f10739261b3cf3012677ad5

    SHA1

    cf4f8823855561347d90a352004d07e1d80b78b4

    SHA256

    b94a6f16a31bd410d4d99dec910ada2e2b24b71f6b0afd91eccd72640ecbdb7f

    SHA512

    37166b33b1c1d38726e7b90d2c90d06bb0bf508d8dcf231596280e148da92b0ac2794831790b3259aab8ccebe9dcee8967cfe184afa5f9b1ad5a1eed781dfd8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b0eb4bdd50aa696bda7da9b2f9344e6a

    SHA1

    62cc605fdcfc0834bdd2348fbeec71c30d32a940

    SHA256

    40c2204484e8c2e7517767eaeb32d5b6ba8eedbba3c6c0cfd648c14e56a73f3c

    SHA512

    39b7c9531da8b732f5b749ee03822ddd35fadfd83eec2b88d1b53fcd848f8be618f80fefed8d0ef6796bb8287a28e9601f60bf3f69786d7b54b6b303b8368987

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4276122f542ba58b02bbadb596b396a5

    SHA1

    2a516a1bb275651655982515d25ed84dad983062

    SHA256

    bda71083430793c8e81a601990b39b10e5eb39adadeaff63bd6fc5dfac2e577a

    SHA512

    e97ea5b3c90ab78c9002456d4e818babc22d3dbcf3adffafe1a684186e15f6bf1d751fc3eb2ec8e89336ac3e0b125cb02b9a55f5797637973597ff1138170173

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    00a3583c133e0e62c9471b21221e9223

    SHA1

    043525634d41d8255506a52e7d32487a8a4d18e4

    SHA256

    a5a5f76044354de48301d68a7a8a7fca26d6610995acf5333fd092731c214196

    SHA512

    04f1bd4b4027e03f77ba7510115caedc979d90f57de1bf7013ba1d7a3bce41d5fab9efe3fbbda3653c8debd7f3f39d382a4311f0a5fb18f21ee0fe9bced7152a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    daedf8f7b50438a658548ebe86e5dd64

    SHA1

    37ee14ba8178bf10c3eb5b2876c1454d4ab9ad36

    SHA256

    f7ff75c9b68d96af67f0ba362881c89ecdc626905a7f8511bd149b48d1fed3ee

    SHA512

    8c46bcef599698a69f1d9ee0bf502be1a85f7c313d0b8d9f56b08848ef7045bb0ad4308f30abeeaf775cc4fded17c905771f5743e9bae54b9591812e8dfb880c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4f1d0ac349d6735833fb4efe4bf93abc

    SHA1

    be806f404c7e6d8c0ecfb1058fbdb2406466ade9

    SHA256

    1bde76fa6449401fad0b4dd181833c89c3f7c693c506678febb372607a079a35

    SHA512

    9a842c0fcb0903d7de390081016aa70b635c006ba6aaf751e818f9dfb8c8f4e652b0321973052e068c316afe0f7987b4de432a41ad7d276a7520d154d50c3de3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fbab2508bd918007153e53983a7cdd46

    SHA1

    e96e294d0e0d43f92097b6d65deb0eb2f9ac3fd7

    SHA256

    6f64570c23be3e5de3b9290872b111436ae58c9cbdf8c86c3476441a01a215dd

    SHA512

    c00cb34f858490ac04fe7678dbd4ee347a2aad2c43fc05698b563f9e136b8b4997d1fbe14c34267af9f6bc67373e52d9a4953bdaa62114cc63b7808b695d52c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    99dd40e6b89291e92440e07944d0b0bd

    SHA1

    1507aa6879e580a49030b5307721691a7f50bfd7

    SHA256

    319b1254637b2a27cff31a7abfe1926d1e02562824714b0b7339f32fdbe110de

    SHA512

    1ec43927af94ab0c73569f7e1a3e11845dc76b1727682137ddedf8971bba24479dd77adb40ab8d660d630592c7a81b61349b9ee50925d36e87162b25445487da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d812a99ffdc50ac780be7a2d0d92ae3b

    SHA1

    3f897e28cb7ebe88c8c0a013c81741dde10dc5b6

    SHA256

    e394e15835f1da24b93d05f03648c00113df72e513b4eaccfa148146209f6ac8

    SHA512

    b0394b355f19e5c5f029e61d91b59b03643c8b6a90a90333dde483b6a290ff18558f61d683f1095ebd6adf396285b82b2ec753b7ed2076a04fff34f69a7b35a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c80c0d97a1e437a538817bde48efd576

    SHA1

    9d9990eaeab49cd2cae100dac86b347be6a673ce

    SHA256

    b17e7923a5dfdd6e2787604e7d3ea4f4cb95105686cb3c19a8a09f0633bea476

    SHA512

    80f4554779b97b68bd8232027e0554630b203a549e09bce6e9f65a1f05e3fdd13c22603289555efb674dac2aa0340ca9f329dd665b71cbef924f98f1b0cf29b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6f7268935a430786ac9884ef0635167d

    SHA1

    f0f71b3b9db3c2d460570fd1ecd1328d1aeeb743

    SHA256

    fa4f0dc2a28673958dc1baedeb332b6dec2ef60213b6e2d9ff2c9611549fa1c0

    SHA512

    cd4adb2d73a40441bac8246eb21bd90c3d054b4e40a0d2d02ec3f80bfd32d3aa0961dadb316d7d39eab304e7f2bf0c5a1420a250573b7c549c4861dc4451c315

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7fb3ea2376bb9cfe4e3714aa1ac7c2a6

    SHA1

    329b6f06b9dbb84898f2860100516ccaa0c069aa

    SHA256

    ac50a796c3efc4835bea912974f087818cac89d7a6b32e1c3652b95505abb0f7

    SHA512

    f944f945d7f1dcfd12a627b114014f11f8560616db8cb0c86c4b710fbad8a3fbf46c86b79fcbc15d62a981b256be2a3ab0e077df3022a16b1b3b051b04848c4c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab522.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5D1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit