Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8379c28556...18.exe

windows7-x64

3

8379c28556...18.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

3

StartPage/$R0.html

windows10-2004-x64

3

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

3

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

3

StartPage/...k.html

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

3

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

3

install_fl...er.exe

windows7-x64

7

install_fl...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/$R0.html

  • Size

    7KB

  • MD5

    bdc5a933dd11a46ba1881a7446bdd2c6

  • SHA1

    03547b50e393b564fb7494027fe3a364018e1985

  • SHA256

    2cb9c99f39635d2905be12cf17167628075aaea33d2da58fee0370f14f894e22

  • SHA512

    17b98eb6296aab9d20b5850a9e31998c7f983b587170272f13df2a01f42e526e2d5b7bf7398e0ef0e748446e9a3417675a3a3e6ed557da227b36205cb547596d

  • SSDEEP

    192:7uEFsHp4giMi03LcioiE3rj0i4iQQe28F:7RFsJ4giMi03LcioiE3Ei4iQQv8F

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\$R0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1772 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a6b0585d5d959d3c663317aa12c4842

    SHA1

    3b830af0ed0b91ae3ce5db36328700515b0d391e

    SHA256

    257b80a59e7461e64d648ee2bf3551df6b8bce695533c9cf310e1f47457bb9e7

    SHA512

    1afc7be0f39a942b5bfbf7f7d46d16d9e436264d29430ea2621b34d7d4bf35e74ba22cdab94de3afdb4574420fa2225fbc7a22f435dabbec0f8f6060c60fde57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    508b387bbfd8dc7c04903b1a1b7e8bc7

    SHA1

    f1c3c2d7aa84c7ae9a97a8dff13b010617d09a03

    SHA256

    b49007df47f683797fa149854e6e8fdf20264f47457ec17e8914966c3976b5cb

    SHA512

    b5904750212789f1a29f04149734e1ffedb640edcfe6ff90c0bc1bfa72c0521b31f8588bfc66358ca55e9249db98234ca8e813e137f4b6903442a384c616e970

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33b010afe7f16dffd613f8452b15b7d6

    SHA1

    62c5424491c90d340f2ddb2f51ae2439bb53faf6

    SHA256

    7c14990cf7d412d9566992d215893caf61897b4d98d341a3472ac28efa8a2104

    SHA512

    073f3e3449e3f7e04e90735a760f6b2fc4152819bc40c2d7d2bd3418e42643acdc297e5008607df4a0fa7ec48cd8d918cb0e40e6e3088094d00d67bc9dbe0d28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bccb1eae33d2297e93492f7a931d5b5

    SHA1

    bf09d7a2260a677edf4b5e5a59b399a62692760e

    SHA256

    315ecffff8a79150ee37fa857a58d4f1a5eb51e9d6636a16a6ac6ce3d2b7d034

    SHA512

    ffd2b0e565f9657f33f907973c430bfd5f4f176b65b6baba1a73611117d40233ff3c070896e5f214f79b97d313fb0f3307c065cdfdc07786fe57357a36fbc7b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f142da863d0e8f7973e2a669507a9e3

    SHA1

    48479376652ba5c93f891365ce0ab2576e5654bc

    SHA256

    15d3141dc51b5f2dbb125a2d83be60b5a13a9d4b7a2b49738726ea786b3abc08

    SHA512

    5d518663f69d7386fea0438e6a72f791af6f3e303edebf6de34dc4ed0c345382b9330d817248af0dd34e6c60578b60b282004215181439f1ee30b285607a57c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3e2fb84b51f85501f8a7d4a4f1b17e7

    SHA1

    4820f1dcd6dd2cbb51f8f069d7bc3383850e1079

    SHA256

    1c4630e5ae9f646c6c2143881a560e6041f1541f85aa0845adb4d1b6812a7d89

    SHA512

    7bb3733824f3f025ed74c1cb44d0131eb816edffb1f7b3f1c38391a077a87177a9c6d158ca5f23fd3868a5069a0da6b681214f95ef891186d069d6904295faf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17acd1e91695d98f721db89cb2b9d715

    SHA1

    753418884bda2cf78566f2847708322def3d1ba6

    SHA256

    e406a9604683c405d697a978d0c08dcb41a13ebda96ca2e22348705d5f2cf7b2

    SHA512

    00f7433aef98dfcb4676e2198d0761c22fcff4f9240ed621cbbd06320c10c107e1e79d4ee1075b5ba3e4f02ee7b82bd5412a748fcad9c8484af444d9dcaf3886

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afd4296f97a544fa18cac6c6bc736cc8

    SHA1

    d595e809f3cc1c2c86a96fa2bd7ffb7ad326cd8c

    SHA256

    f872112fb932dfc8582e1acae64c4fb32981dd48941e56d90e3d9879f1cc9324

    SHA512

    9a507f3c0db1f2a70970436b26c1a08c0c9fc66fee9bf9b2d1c72846d1550db129c520bf5102c217170ebaec62cee8c25ee0585c8f1a0340e36fd40e7a88a810

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5468d4029d4920ab0624374e79230877

    SHA1

    cbeab76f2f1b883878aa9fbd4fb10062a79e0e10

    SHA256

    ed2a9dc1b21a9a4073a25e6a7a2d8116a01d545988867dfe17caf9229120e3c8

    SHA512

    96c3a613eaddcd9876f3df30318524903ce1ea6db20bb037650e511a8081fadcaffd9299888f1b1fc3cf26ef171aa22f188a2d6e4c7aede095fb39f9265e0f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56d2f01768135686897a0f86fbe0c633

    SHA1

    49154daee8c0f8f00e95e583756d74bdacb3753d

    SHA256

    57571f33b381313317ecfbdf12deafaa347ee2bb1c8423beb397239418a290fb

    SHA512

    673be7050148fe4fff387ae56cf3d5342c7d3a7f2f8b825c2b8cd74bb9ccd4073539dd0731c16f7d7e85442b08685d36ccbe2543bc426906891975bfed9c7295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb78ed848094e6fee9860bd38901472c

    SHA1

    8c31e8398665897559ab956098eb249c82d6320d

    SHA256

    84404b53339131dc8acfea545a9d5e699da4845f4a351ca82114074e7753e23c

    SHA512

    5d6a45ed0046f271184d6199b1c549cf0800eff91fae10a56cc30d261db3834d5aaa129a6790d734b8dbdabd1a5426dbd825e83c505595733501e431b639665a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    139c5532153c89feb6e3be436a87a3fc

    SHA1

    4d55f855eb1f0823d1a36e072a05c6a60de3de15

    SHA256

    5db4fb926478924feec13e638f5b88d725c40766695237f3120d21f2c5bd07f5

    SHA512

    f04951e116d2ff04493735952e2e8a187bb3acc268ac00aeaac72b75f1333ff6f5fd03693e4b56007ad27bec9b45111ecb2ae807ec7f888e816b8ae1f9b78eb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b97c801338f6531a224413560002820

    SHA1

    84ac75c20f3f95eb74ff21b46d97301048502b3c

    SHA256

    3a643a08a377d82709f9aa70bcc8c2311e7dc10e2cb98bd9eaeed4db72c556d9

    SHA512

    a796e2fdd467d6aed291dbe14b39536ca7667a0840b05a0cf7c0afdd84557e23cfda492b13989aa12abe3733c274471e88db2e14bcefd63dabb12b0cd39d71c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6812f3f6576e330e876c40f9f0ede0ff

    SHA1

    8ffc1de3169b12bee2342272317e2cafb88ba957

    SHA256

    0d17cf6e9accbbb1366968bfdcb0a1d4798c2c22ef1afe4cf8454b5f09be6825

    SHA512

    6dfe254a4448e596fa19ad517f3c7011bf87a51f8b2a610cbf90c4bb2734633ede6a1c3da888d4ebd82028920e859ecd65c215f01fe2fffa478a6b9606023b2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90e9f4d793616b86870fe5d73af116ff

    SHA1

    d98814eff3cdfb1fe8f6c3fed9564c5fc437bb27

    SHA256

    c4165039bd5959dc0490f72949433ac888170e1f982cac623cf3faa82f5159ab

    SHA512

    4e36c19696183cd9e8b5c580b32cf10d45d1058d43f19ffcc43286cdc1e1720a6be43067a237faf31144b779c5a622c701a87b04c045e5ca3333d6ff912464ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb9ae417fd0fb8af3f1a3bff334a57c8

    SHA1

    6880fe27117c8f3eb5c591dba61186aea8e0b386

    SHA256

    77930ee9afa98a9663d817f6229ab25928af0379046d2f094a14fb635ed5d06c

    SHA512

    724b7e9a2f78fe8111ba6ac66dd9d3aa4281b41f99d3e635261aab612e4b2eae37b48990027c1488697d3e9ee903ab8ac9f8251fb6549c2909f7d84bc09a38e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    390df4d864fe648cce6fcd429c342bc1

    SHA1

    df1335ac5e27c242e777519df62ee5a4a8fdd298

    SHA256

    90a8770497dde55e2da3718bf84ba00f87fd13fb8429fe179b3c247aac04217c

    SHA512

    edda53ef6dee7a681c4a660dc59bf103fb9fc0e5a57de2921d431e85cc4611b7de98b2913a2481b6e1cfefd43314f36a1ee08747d79f2d72ee8fe650240c5533

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1edd77cd5d1c9355db9b236d0064428f

    SHA1

    b528d88a1e62bb0c07010aa071b9b78c7e5531ba

    SHA256

    5516db305b9075db29c45ba489014cec2ad0ce979720a2db0d22b347733bb1af

    SHA512

    196121cf659abdf633db308570acd0b61736dc5f0d53c334d5d575f2b8a8fe340eab5639bcefec692995bed5d5d2271b9f05a4d8c6972409fe552086e8a2064f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab17B8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1903.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit