Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8379c28556...18.exe

windows7-x64

3

8379c28556...18.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

3

StartPage/$R0.html

windows10-2004-x64

3

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

3

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

3

StartPage/...k.html

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

3

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

3

install_fl...er.exe

windows7-x64

7

install_fl...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/Local/iframe.html

  • Size

    2KB

  • MD5

    7f025dd24024bb1ea34025cb86d17522

  • SHA1

    19eb3d0d0a365f0997868d50256cce03ad108761

  • SHA256

    0e158e6ad1423ec383db5cfb656e559bdce6f57bf11be464eea555b0d1491423

  • SHA512

    bfea114378bd67b353b9e208478f330910074b2dadc78e82d57cca752fe1de080d10838f0e60980260aecb0ce5703f1f176cd19fd932e74a2726bc0aae5a32fa

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\Local\iframe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:112

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97dae97ac6de4bfeb7b2fe41f356c016

    SHA1

    e532408636cd8a3dae68af4a6fe97c08681934c5

    SHA256

    ab90369b3d018120d7fed544ea939c4d2b4064bc3723b012c426e8f7a006981d

    SHA512

    87de8f0ae417d2c719a503faab21c69e2bd9ac2789f6e53ae6f20a5ad288830db6b3d8c84be593f62a9332232c9bad482cbb2da70479e68b01311e5c480fed0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b524b8aa7dfe3d120cd86ec073076dee

    SHA1

    7491500bef4e82c84533a51b3d2a5f8518ccaa7a

    SHA256

    71634c6baca672779d22fca24161edc7870e125706bb6f3dac961fda8c60daeb

    SHA512

    4369a4b9b065a528b620a9f241f785ccf0f6ba5fc51b582870b8e8babb5947cdfea026715af22b1a596b955e7aece755ebf0c9df5c651505a577d975d16847f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ae0f1cd545f152d253755457578d560

    SHA1

    13f5f39bc6b591db6793c2b691ddc55994ed57b3

    SHA256

    b8a0ac3c58d31bf6ba0493eef5b229803bfeec2aac375d8d861a6cfb425b5d83

    SHA512

    73b617d86a6d43489c6a052855eb7a9f8e740d62efbdb4276da06777a342a8e7b5ceaad8a601e7d71751a0ed234d7bf665b91141f5e7a5ea165aeebb6e01c10e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9be3978f167422b47680b476e462ad6d

    SHA1

    e28aaa129d94d13a6ff7d648232b95b55c2bc897

    SHA256

    f3d67dc424ccdf9db42dc9da92d7ff67f5a9085901170c06c26acb22988c5e2e

    SHA512

    eb55540402dbd0df0346598a6fcc3161f8b51a5989bfaad2a06d36593f0f318d250c4c5e2577efe2f69c37929813a6ceb83fe58688d41572621ad5e619cba805

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dca468c5ee2c22b3f5b8efb565ae7d1

    SHA1

    4de87840bfe01507824047a288e588f3b66456d4

    SHA256

    8271062d4523d443972149ba5718214cbdf29abaaa61079d36e011d9abf21cc6

    SHA512

    c9b161a47aa4751066c2dcfb312f928a3f2b5e1f3fb24903ec61ea4a826b877f3df1754d4ba7f9d28a8a8e84ed7742f4b343258e0783f40e87802f1b11e53547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d987012f5b3008315f9d39d5947545bd

    SHA1

    30ca339f0a2778410a039ab73031c993f6a20a07

    SHA256

    adb9ffd889ed019ff647b41ecc457996fcbcb8ce3aa267234a6dccc92ac15d05

    SHA512

    cc3e780db0d689d2bd09fd5fd9c47774ece056f27551e32ec50ac3a224c8ea6e20f0b71d1731e4f3ae17f38bc72f8630fbb02b30ae89baf23e46f81c8fcf3147

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    223d3cdc9828e914e7c0118ce4808183

    SHA1

    499cf341dfdcd20bf252f3634a8454db76b61424

    SHA256

    938e9958718639b1367792c48d0ecb5206533db0b89e927aad33bc6e0f1954a8

    SHA512

    236af795abf9cb7951347e761888f9e9969a33a5555866693ed392b642540797cca9ead5303829886c331499b2a54792c458b3238abfbd6ef7d89e30f022d4dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bafa39ccb9fa3c635a630d518d310e96

    SHA1

    82a264fb2180e3a98f3b9018c2f3dfea179504b2

    SHA256

    2cc1898fdf59cefcebcb6900588a1b9e2b653b21058432c38182dfdf5935f360

    SHA512

    ca1d35bf1364e5b87bc4da5fed19b1560d2c900d29e45cac261b8defc7501a01e7f219ab9130ea8b4d5fa26e148cb49bbad72836f3c544725271cab2d12d6404

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6acf014e21e70ffc3d24988b291f8090

    SHA1

    b20136825288c772b2fdf2cfe2e51dc95575b57c

    SHA256

    b90c4df5865f50e8a310a1843d53d94f7525885921d0235b0ee99d567a3b3317

    SHA512

    c2ceffb1b85f9a3e10933e7ffd44ff9e7a205ffd307bedc42ae7c03cc5d539e585d1429b01c02f20c57ede6685251a67358fbc424efa44dfa6118960a58c661f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d51e27ba8eedcd800a9570542d7dbfeb

    SHA1

    a150d7c1c8dc645a857bf141d8d1135ce93cc46e

    SHA256

    2074926dd896fca61ebb48c11af660e72f3de9dea2f09da82fdbcff6e87c2acd

    SHA512

    e1a889c3ad620c6ce291e3132788523283324235b279bab1bdf2a7eddfeffd9c207c8da5e729881767a6d695b81cffba477b5953cd83acda831a7729b741b2dd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDCCA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDD6A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit