Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

ETQWXT.exe

windows7-x64

7

ETQWXT.exe

windows10-2004-x64

7

Spieletipps.url

windows7-x64

6

Spieletipps.url

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01/08/2024, 20:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Spieletipps.url

  • Size

    81B

  • MD5

    38db28ad903adfd7ad4ad9068811dd6d

  • SHA1

    fc772f4b1f17abc3d2af950cd39a8e534f2941b8

  • SHA256

    b4b22a305d6cfc21da6bc22cf8f0bf00da507964481d1c0ea5010938c03df00a

  • SHA512

    01c7a2e896096d475f09e6cb6afb8219b55e308e8e6bb50003b5e5c5d1748ad5762c8a36504640df6e6579658972899795aa5fe8596330fbc22409d12f4b97fc

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Spieletipps.url
    1⤵
    • Checks whether UAC is enabled
    PID:2320
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2244 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a20002fd174408876bd0cabc999c63b

    SHA1

    4f08bc6a9b98926320f71d2ab2835b9527e028a3

    SHA256

    3cd695152c6e9801455a998ec94fd9736a4be62059345171acf11964101115b6

    SHA512

    60fb7cfc5aa587e969fed5a4385c040311cbca8810bff0cad4b9c0dd128d2ae9dc2e310bbb78392c14079fd179c25288e08ebe5da8742c27ed44e82ec9627f4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c26f882215003b31ada58e30b46ff004

    SHA1

    4b315eea42a00a635e685ae89786d8f964f7c6ec

    SHA256

    3ab5e3c3476640eda6fb26be5f2590c850ab22190d73bbe720f279d5712de9f4

    SHA512

    087490f0f80cb1205135eab3c732b6a1cd9acea6bec0c584e0671e67d129fd3a31d75fd1d42168bd0c70b75e33c682cf13212d359ec87444e09a1db49223e4eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e73913f5442ba2b6456c5d506dfa635

    SHA1

    1719e12e04407a40b1e223e3ec63f086422c8221

    SHA256

    67c7e15f0f39349470785691f741fa854bac083a4fc985aa59e627c5cc2dfd3c

    SHA512

    a4949ba26bfa5e1444eba90a5d6be5a7c4766d6a6379abe20c743c934b2432d0aa254c1436283cbc7cbb8337eb82632fd792dfd4cd6bb9dc6d804e92e1f023cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34427a7bfdafe8d9bd0bb7d707198626

    SHA1

    f395687f0a803ecb26f4fd9ddbed5c02baa0a2e0

    SHA256

    1fec1d88475f40e33cabd7c6caf55273f7b221af8b338ea58b5fac25e362729c

    SHA512

    e0ff214370184209fef05cfff27c7013d479280f6733c49f6a1240b04e558f714dd92b10abad6a59b642dec920e2209777095f05d61c510129792d363f1c5098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce6a2417a4e162d1bbda6076b640b966

    SHA1

    b0b5b57257347aa179b9e37326c8373582a622c6

    SHA256

    c7b1dd3867397fa74a3f651480c69829a6eb53944b70274f3492aef678148d0d

    SHA512

    25408e318f268f3f0e1bc4f2815188914e7e5f61b88a1ede54a1983d6e9a223e07c66fa3f40d4df9cf4cfbaad0a04c7bcca2382837d41d30d3699beb112f4966

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd1a3a5186f38c19f4fba98e1b1e9cfa

    SHA1

    2199972f285291c02caef6f1c0ae1dd62c27de32

    SHA256

    33a3a0b3ee0e49e11496fb2e1395f3340600745c70e71465a82e6b5ba751836d

    SHA512

    7f5c94aad9cbcf86eeed17799cfc1646d3c4eeacd7e68497ec9330d49902d67688a803bca1828d8a5ab786751ec5f71c2a8eb9dba1776d646c18f35bc1f803cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f8f43864519852fe57f06aa34d3afd4

    SHA1

    f0ed1a0731a3002cd53780a73c9b1f7a3b8800c7

    SHA256

    707b52cb0858c5e17f2c6509c4909b8244274edff206ef349f26b571adb689fb

    SHA512

    7cc7f857644df3cd45db9be8e247404f1a3c3b8152aee3cb546806fbe36c894aff7f98d0719c87e83c527c97d40244eb1571e855d379e10d561567eedc1905f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d07171bf0bbfb89fa52401c640e65269

    SHA1

    2ff97200376d19d17f5a6487f116fe9ffab2771b

    SHA256

    9f51c01549ad3c0f5d059b216c8b97227f80b2a247fcd570b6d85b5fd4a8cc20

    SHA512

    9d8fb403aa1a77f6b1c327ee57f5c5354e900fa06bd95cf3b4bc3d91f151aecee249f7059adcb377dc1b4b3b52a7ce55d612695ea86ec1b063b1df5acd67b0d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2c62ea9e31e1d4f17379c5f3ce87726

    SHA1

    1345526bf699dee2297e7b82bacde1500d55377a

    SHA256

    ecc6a0fa61443b47920b598993b4b98990bc7e8db2e330a63a06913eb67b0513

    SHA512

    4cba850051fad5468eb91ecbf1223d242383340dacba7b64653fb9a834b74f90272ec3bb98fe9a940488bbd080f15855190c3150fe35f8298f5ccd4694f8f100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b66dbed1c5ebc9acb1405b941e7a75fe

    SHA1

    f57f900a436f03b9d6fd6153cd71e2283541c56d

    SHA256

    99e0b82666deb966c1bcb386459565e102de7ef33320be4cf0c14f7fb6eacca5

    SHA512

    1705281959db3c2817665efe28a0cd0d7fab3610c16a67454c9a45101d7eee68325ed56d6071db802f606b70d2652d390c62ab5d4b93072dcdf3489afa056439

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f625428e0241e1fff3fb3527ac04a6be

    SHA1

    5adcfbe3665ab1c04a846ef790eaf9f44363e497

    SHA256

    6f366935ff20b8054b396d205b8b84fd488f78e71706407f08504f5e1d0e9c2e

    SHA512

    915992f60e155a8c800b155b8b1f08fe6d54049686a17d369a291fc0eb98d4932a6300c1c10a9b36d507cedad9fe972e0d77df35829a37dfe87b62bef0dbb4ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82cc4814b9d969819018cf20d7b64ec8

    SHA1

    83093073234d696bbbd435384ef858fee072741c

    SHA256

    101d9b0585279f2e4964112f71710066dba3ccde62a499dd98f28ac708214647

    SHA512

    167c45ff19f1219160b5ca7d3b2f7c88dca4f6ac319d5d296570684c805c6b7fdc2cbddeb431ca74bdb726af64baf783bff2091ba2ae419a9d4b698248008dce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3700d6759bdc1546e7d917c5cde90275

    SHA1

    cff761f480acd95ab447969cadf36aa53031691f

    SHA256

    209bf3f9a8390bb2e27a98b10da51b27c35a655667f6fed84923f5ac3f267c7a

    SHA512

    847a59d32ff9d5e574537f6dccd9804d2f1e25395436abf2931fde5b27ed03e18e4b8f96ef10c792068fcbc494854fa2b603e0830b431739eacbb623fc2d4d53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d96c3d1f50e0e47e4e7a21ab2e490b0

    SHA1

    62dc08d1cc7ffac6c2668298730d1b70352694de

    SHA256

    77d36984ed6b0fa98cb55146f3f0161ac51df2a1d3416c3842ac5e535df0cafc

    SHA512

    733cbba6812b151b998b546aa13d82abc5e369995c7557bb338823b0b749f211270fa81af2f7d5ce280d5bd69e4a4ce8e64fabf9ab37b3cb276d36031a2400ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fd40246f6d1118ec918dcce37bbdbe3

    SHA1

    73ea8eea002f6aa504d2ee2ced629c7ae20858d7

    SHA256

    70e47efbb242803b5fbe5babb2aa7f6cf1e39e710af82a969a7521d9932603e3

    SHA512

    ffc8a6533db67d6d284ec3ccc9f722cd2872327917b1ee9365e2a0da4fbcee88721afa4b1c5fcefcd58f5d236870083c6b499e8c12fd0843bc81a92ef6105657

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44a117d8720b8b33ca32a02a8a319b40

    SHA1

    ae7b46b0f287f739f86b6ff8475cd192f00f63ab

    SHA256

    80f78c3250d9cd2a5c320a7b51f1ee53f44697c6a84d52eb998cf69424a93bac

    SHA512

    2a93a658995ee1b8b1b73613753cd9a23c41fb220624a3a4afb470651adedcf230d4c50eb43b0736cec61e27bba090bf23eb13344ac9b8e20f4a4816a6618aa3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9d43689766ab92b8e100c2d5a64aa19

    SHA1

    a31d1f76b00932b68a6a0857397dcd4de6fe21fc

    SHA256

    e9a230db1aabf0bf53cd1193e89aacd7d720016a3229d026a1ae690e1927bc8b

    SHA512

    a29930a0c70a18da0515d1b2ee6c0608d2450ca50fca61ff117a83f0d0eb9398518da840d551b4c7f7a37b001eb27f4a956153a202bf6aa5c7c3cdeca5d206cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCCF3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCD44.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2320-0-0x0000000001DB0000-0x0000000001DC0000-memory.dmp

    Filesize

    64KB

    Download