Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

edsc21/www...ate.js

windows7-x64

3

edsc21/www...ate.js

windows10-2004-x64

3

edsc21/www...ode.js

windows7-x64

3

edsc21/www...ode.js

windows10-2004-x64

3

edsc21/www...te.vbs

windows7-x64

1

edsc21/www...te.vbs

windows10-2004-x64

1

edsc21/www...le.vbs

windows7-x64

1

edsc21/www...le.vbs

windows10-2004-x64

1

edsc21/www...le.vbs

windows7-x64

1

edsc21/www...le.vbs

windows10-2004-x64

1

edsc21/www...ut.htm

windows7-x64

3

edsc21/www...ut.htm

windows10-2004-x64

3

edsc21/www...log.js

windows7-x64

3

edsc21/www...log.js

windows10-2004-x64

3

edsc21/www...lp.htm

windows7-x64

3

edsc21/www...lp.htm

windows10-2004-x64

3

edsc21/www...in.htm

windows7-x64

3

edsc21/www...in.htm

windows10-2004-x64

3

edsc21/www...op.htm

windows7-x64

3

edsc21/www...op.htm

windows10-2004-x64

3

edsc21/www...de.vbs

windows7-x64

1

edsc21/www...de.vbs

windows10-2004-x64

1

edsc21/www...tor.js

windows7-x64

3

edsc21/www...tor.js

windows10-2004-x64

3

edsc21/www...up.asp

windows7-x64

3

edsc21/www...up.asp

windows10-2004-x64

3

edsc21/www...d5.vbs

windows7-x64

1

edsc21/www...d5.vbs

windows10-2004-x64

1

edsc21/www...enu.js

windows7-x64

3

edsc21/www...enu.js

windows10-2004-x64

3

edsc21/www...ble.js

windows7-x64

3

edsc21/www...ble.js

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 20:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edsc21/wwwroot/admins/Editor/Dialog/help/main.htm

  • Size

    15KB

  • MD5

    c5bf03f599f9620d2fe0ba261dd84ddd

  • SHA1

    eb26082d7a9f0030f35be2f31fa138004e0d26ab

  • SHA256

    719fcf4307715e935c55ea750162414248542f8e22ee4defa4621882ba1b4507

  • SHA512

    29c616bf26ca6f692f4c6acac7b3e2e7275786d902d91d5aae0e8e792c644bf9f9a7b936c4626f073edf863d08a4ad472cbff3aa20d3b2742d1ed329ae4b77f8

  • SSDEEP

    384:V8MkJya54Wt+hrNtmLhwxi1yxX7Fyq5Hk8dFMSw5jNRbDpxqYeXOmHTNmebkqHPj:V8MiX5ztqxgqYPY4K5/37

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edsc21\wwwroot\admins\Editor\Dialog\help\main.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1604
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1604 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2da8e06f7111c04f1dde74e6b85dd80a

    SHA1

    bb80895d694460e973f76a8f5d431c095e02f244

    SHA256

    21d6ee2997720d8cbdcd8f4ede00a013282909089e2c527de087f4d4efc21ff2

    SHA512

    7fdc8d54e8139056942276c9d2afed3835b699022441fa789b6b808bdde0a5e70d0e6669dcdb7270bce6365fbe977224e0247560556c268dc3abded769f58b6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    169547729160c7e0443379bb56f89640

    SHA1

    2bb3c2222f364b2d87ca64357bea82222d0f8f8f

    SHA256

    e4af924c16c5288e8e2ea889e1abfcacc1c18148e26e8e71008b944b0f51726a

    SHA512

    20483918f9f386afb1f3efaf027f8f24ac765fe3bafac5d399b507a6d6b1c37f36a62f731147a94cd4a830857526f045f231d109c0faaeb656751bd6d2e94dea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    838fb82044d8f03e86b1c264afc2c7e0

    SHA1

    7517a0d21dfa26ab4805cdd52f0ebb37db307abd

    SHA256

    71a01ef293478eb44aa147e99f77baf10b31fce02082205d0ad64eeee01cc222

    SHA512

    0f71aa47aeb7970fc6c65bb831558c163d3c81a9abc3657aec079579c7f50bcdf920f4397568ebf4268f71acd39e33f7b5b9ebfffc81d6ac503330be5c0f8ac3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1f075afa6a6d02c19a55daf0a5c082c5

    SHA1

    a8d5f3e9ffd9e8f90ecb657c793937bcbc3d25ed

    SHA256

    1da4970ff12df4ce3c4ac5fcf08ae062261be62fd1b9552b17226f377192a6e1

    SHA512

    38cb35db779d14194bccf4f87a08573f20d955ce0393c5f482472c0faa4f6d92f77b049094c448a22cd90897770f9e2d8c4028606090028a7ac4383345192904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    aa92ddfd0a811925c1b52da6a67c5129

    SHA1

    a754e94e20e4e2ad83b35fb798a4a11f0b132322

    SHA256

    508d820449c103753e02a2f29a062cc225fbdae5b97a86f30af027e765d1e4e3

    SHA512

    da97c9389e8f025dab168ebca602cc88fb5642d837860d9b2c07147912cad5edc50324f315958c0d8697cf66960f6f9a4fcde57679325d1a42a58f7c7dbddf0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    80c998b9bb8e184e2bc99146acb2b43c

    SHA1

    46e4eac4ef0d724a78afe7594f3a056394c41cad

    SHA256

    407c0789fc5f01ea2f28816828814442b31e9461ff7a5c451fbf3aff10f9f941

    SHA512

    63bd7c10bbad486f4c71c5aac566135a77150f03526899f62f1bb82998f1fd6fa4be9fb45f599c3103f87c99b3563be3f2af19c6e5d55d9db58cc25d46403eea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    39a03ffc6b50ed4f779cc951d99f9006

    SHA1

    4e85712839eaf6c4441e0f5e84bfc884d0a909db

    SHA256

    89556b47d4538f4da48aef24ec9a628d4cea0f293c01b8a6c1379e9c7ac7cc14

    SHA512

    9a9b8dc54ecbfef4fe49b4a23793fa5a18dfc1a371bd5f6912c5f8443ca4e5a06c2902a2bd1bafd4f057ba5a766321fc4ef1aba73cfa121837fbd3b9294b8112

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3c59611391a6aa2cd46a78bf1333cf64

    SHA1

    e65039dc30ed0aaf94303c8bd698a8ac61987a5c

    SHA256

    a001c5fd529467883c56df8e518a6540be47ebb46cdbc22bf9c6c42cb0c8c19a

    SHA512

    07e243f69dfa1511f16f19119efce4337f900f75045159616b410929cd35bc5e97475e03ff0b74d00434f0f63a8f45a2f7a698d226f0ee9089d0242e3460e14b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4599aca7786ce1a67ba77f407a9f4562

    SHA1

    538267296ba1ecad685e1b6566a57c572af86ca9

    SHA256

    4f4a0834e2ff8c468b4c035d854963b5f0f5dae8b386c222ca96e783aaf9d193

    SHA512

    d3dac9ebd47f8f57b15b83785faafe3ea0e83b7374a6dc2684c5bbdb3bc9fe58944d18eeef74339d19488f74c769a8777f180498186b3c3b3295e97dbbc8c8ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    750563f8858dd9b374f05bf9f2f87d23

    SHA1

    c51addfcf1b4e4ffe1a0e21a6988408061a5b39c

    SHA256

    eeaec96ba0621b92b8edc738e4bd8069b5b39b85e3915a0bf3998577ab623b97

    SHA512

    290d13bbb9b366a0f86ffa4fcb76d1fba39b6dc9e379f9a2ac7f4745ec843b6c1588d097d59f4d06f7b48088c3d0d9a0aa41b5882bc5396807a7935cadb61c0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b1e069f8bddabcfd61e2cb255b84e12f

    SHA1

    71a91957dc1701ff4588798c3b7985e42511449e

    SHA256

    15fffc15b1a1aa99648201fb8dbc69db7700552e578fa1d7fc0797ffe3985417

    SHA512

    f65a6306323352919a1f224e8bccb15a8813b86343ff941b1e9c9bc89599d76955a1823fcca3edb345eff4980e4357f45e3f9925aa466144619a411bd8d058d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fbb4a6989860cb7794cdeec1da04ea15

    SHA1

    4adbab824297748d3222600676ac1c9bcba2d58a

    SHA256

    fecd4466311fdc2cc9aee1619cbd6e6aeb6769fbf02d9d7965467cd97bea43a6

    SHA512

    97ebd6510a31ffbc1adfc09c0d20e6007a77241c7c71bc74a20361ed47d703f1a06250f91f26aecdae9d8950f66229f80c1320bb72020c2c322c534e88b43aff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0d0b3bd34ec33adc4278b768bb43a91b

    SHA1

    cc0dc5192a18bf7aac5f0d6c77385953ac0f8ae0

    SHA256

    eb9cade725a9838014c5a2fa55bc35ba18dc243cd877c4dedf414d690d37bf96

    SHA512

    66576ebbf3bb6b0477573bd995fcbd29625c295be39a08c3a43f8945da9f644a150fe981d347276fad73d240b32521c42e125adaa858c21784a783368808da55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    74e8f1879dbfdec818c6bd07a95b785a

    SHA1

    ea86664b843e6a53b098d7c3236dec4732950e76

    SHA256

    cd4311af0e033989347f4d6d091fc7f76ea3ee253251266e217b6ca17551d70c

    SHA512

    44c495af2f8edbb191dee32f3b025b181ea78c24d9141b793a548073af5076b356966bf98abe2a4fd0ef74dc056ccd4f56d56fce4f78eaf01afd526ab4384c3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f3b89d875d388a09b6fef74761bed9a2

    SHA1

    a2f2a6935cf89e189d05cb855275e0bcf3901ad6

    SHA256

    79c90126422236fb8aa9edf23428635ee6267b643d7b51513e01d2cdbee6da03

    SHA512

    9805a55443370f5c5c51074a4ad649a2e0305b8fa77e1c45f7749dc21c7217149652d2e3bdb863e5f73119fe9a9f8c0ebca1af83d2fcae18194ce063c9cee28a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    66ea02792d67ecd0ebaf56f6341ee7c2

    SHA1

    829c884b55920fe8e40d5e05032ff8a013fe216f

    SHA256

    4e08d852f284d55671fd45c5d65728a255886c1d263ee1f9ea95633fac1bc440

    SHA512

    2fd8d3c887994d2696b93798a04041c85b09f428577f0c6f89b59404ab1fec2ecc4f1d67e679abc68644d4a8ebe23fc88c5ba0077753c2fa8cbebd945b03b3ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    28abbf028092445e0a8e6c5962617063

    SHA1

    b3ad4bffd67d19c9c5ffe3d6f9cb5f1517a91a4b

    SHA256

    3dad2c01789b349108f13a510570dc6bc105984d7af9e5f79fc65533a3da709b

    SHA512

    4c974f0c77f45ad7dd1d8a9a3128438ccf4c83c3c236549224a874e9ec33f7703f1903ee21a6df3369da68a5cba2f608f16cc5e62297d251b0b49d81b987759e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3ad2b72159b67efaa2b0e13eff676b32

    SHA1

    f7bb8996abb131660231bdbdbe5bdc4fc074240e

    SHA256

    5cc80f70a8a4084728597afc8f5a1991cae605098039d6c8d6db3a878c655890

    SHA512

    dcfa5e654a01a79b3f68dd62f355dd71930f31830e2f66b87c08fc6b88f6b490e37e035973530e0dc3078a7f0b4deb5adde10766f1fdfdec65ec12d6da3e1c5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    46fb069a9ba72d986a0ad00d6efd7e53

    SHA1

    91e7a0de35a391e54a3cc0b0cef3842f2deec88a

    SHA256

    c31548e78e200e2d66870799a1019ce5b7d2a620712394c8c3e62471f21dab07

    SHA512

    85d43d0ea744026a41109c73418ad46cf26fd3f4b8135fe17e2007d48b47c9876efa83f71715b0692a3fa9049aee4f1587c34a2eb96d03103262e06850dbb6ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC248.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC2E8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit