Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8379c28556...18.exe

windows7-x64

3

8379c28556...18.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

3

StartPage/$R0.html

windows10-2004-x64

3

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

3

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

3

StartPage/...k.html

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

3

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

3

install_fl...er.exe

windows7-x64

7

install_fl...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/Local/iframe_wk.html

  • Size

    2KB

  • MD5

    388c90fc50e3e7399da677c10fd108c8

  • SHA1

    6c1e457174aeba2bb60c1da4e88deba7baf74364

  • SHA256

    209dba04648f85caf01b72d112d3312f32731555cb984771f24dbeda542d994c

  • SHA512

    5a70d2fde39626e145f74b3a94aa397b79b6f534d3da37f6db7fd5465ebfc881062003b97f6b74a9ca67799e6dcc5c31b8419bca4b2c18c3737978e1429da44b

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\Local\iframe_wk.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32b7d5d14288da1e6db1c400e3ebc862

    SHA1

    b9e5595ceee925fdbfc274f2295fa02cf56e6a00

    SHA256

    6b163efffb865dde1f11062c014bac684abbb4a5077da9e6366fd40cd3cf008e

    SHA512

    38c73910ef612356c8a26161a7e148e58daad04215bbdd18765797f7465728ba9a5335a01959d3918ec671f5f4052242defe4302c4ebccbd1cc0c04117cd92c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    053d04fd79eec3dc40e0ed01fff89c22

    SHA1

    3c3d0a997d9f9821add3f1517faeed756b387dfd

    SHA256

    221921e58f58af6f3aae111d20f32cebfa32d1d991f0affabe7bae6d8acc971a

    SHA512

    2a2b72d314907a01e56a09f0ab60a788256082ae1c2c4efcc58e5bdc90747caead91e9b5ac685222dd241855d3cfbd8e429c2fbfd06fad93b433c5988e2848cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f898cf57139d89a6e8bb21f75f1bbfb

    SHA1

    a320925a1509e6ffe8673d036909d7952ce67236

    SHA256

    a4df63c2f3de7a06f705605fd83feb4be7d9e1c758764804b784b009d56f82f9

    SHA512

    240235836f1cdfb50f301afab67b6c2e90eab4cfe32dcb8056fb35f8444d17539c54ac1e17d09d14f85ba7bdfa9ea57e8fbd8f37cd2cc79728f84ce58d538474

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58e49f3e232508ba80e9c5992d5718f8

    SHA1

    d90a40a391d5392d07801476dee8a26f4fe35629

    SHA256

    e80b53c8252331d24d4a992581b75b024e27de532604910fb6c6a4266b0fce74

    SHA512

    ae70da227c46bb640f1cb46daf1e4e631dbb0caee9873d0d00b757e35b27f2e5912e160b8cd56d369496a75183ef6590b3d3186eab35d44761c88f9978a33b98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e2d3a33a2ba1f990b8366e9755fb454

    SHA1

    2f3713d4fb047c95226cf2344dd4693bf6dc331a

    SHA256

    41b72d6c46b027469568d1434b537f89d190134578b408d3db0d1608f7134b45

    SHA512

    9ff3a30aede09a588c2f5113c52e1895f4ac7e7decf284de2cdc5463f87e22f572b85d2c02fd24d5d94e0e288d11ef00b32ec2846414215df026925499747948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3edeb9c7367b34dc85fe2f8dc670adfb

    SHA1

    d7278be30e29af4ddba40e55e7eb44d73988c5de

    SHA256

    61c82bd72e5c485bcd5c0aaf7e3378a43db56a83340d438bf3e25d3eeebd47a0

    SHA512

    ddd9879e4ef4c95cba7f793f15badf9bb55917339b929d4a07e91a8ed731418e436780eeef37502f50eb644cff34ae1ed3713d7b4b9140ac401ace7d249d1beb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bee85a71a8662d391c0ec55b05fc577

    SHA1

    30bfe451dde934ce9254a74e2d90b1e80b0730e8

    SHA256

    2b90912dfd7b0f916e41c9656cd055c601f9c3fdc6c9224a2bd4b3296dca0d35

    SHA512

    0311b63490c35cb2107803af8d07d18b5aa0074c0c2992a49dc90d5a83f0d2e43b0cc2404d79d6c25679126890ba2c281a023939fea9bd03f1df5a61463cefa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    622c9feaa641c272690cccc9079b17a1

    SHA1

    cf648f005f71f1be948a5aeda1bbb46dfe82bb42

    SHA256

    910562d6f2de43a3e642bec0d36a5acdf820b160b9943af70e522a5ad8787c7c

    SHA512

    1aaead265c2c6295ba02ff34eb3054d0e7c9e0309219ad421454fa3a110bee46af5ae4dca1032fe9a661c0dbce94f5ae89ab941bc96e9d99967a31f42e81eee9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2915686ad0a7ff459d4b80eb3e6cd1c1

    SHA1

    6d208ced4769669c1b874fdef98bfbe4338ee31b

    SHA256

    fc8117946872ad8f34f564c4821555bd562ab2a99a8de2e4983859aaf5d15bc3

    SHA512

    57d9deb1557814e710b2e1e471b7da8a0fa918c9a8d7e773f76604921c8f57a18311a7b9b8fa26e5dd5928d108d9a85c602c020148acf5478ae940b975469f4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42d566355f09c3b1fbe2e892f8a9d9c7

    SHA1

    d2a7349c39eb0e6d3d1c959c8cd6ca5a323bf03a

    SHA256

    687296922e23539881fe142bde25d8db4dc40b956273e3189cb2bc64fc935131

    SHA512

    fb814244308a84a80a578fa6e7c41c19086d43f9647b9cf7fdb14459ba8afbae8d6eff040d7560e9efd9eb8dfe3fcd47b5095dcb3206a98786df77bffb94e242

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    621a5b6a4b412d5fd9a406ced3b5e1b0

    SHA1

    737c9ada7525d50b25acf88ff2d4ae2ac5bb3e7c

    SHA256

    598f82a4023fa556a454466411fc86f0f37155d6d9657e7e0333128988c9df7a

    SHA512

    86ac07e6f20ee2b83974e7af43e88f26c7ea971f361e1f306b050d086aa14d525c8fcedf3eca6c694e1502819e55d5c10c5de3d849c696dd44f9c96c768f4652

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abb6a3598ed24d0ce4ec0efeccbb6c5f

    SHA1

    5641acae541361280027fff9a311bfb2469db391

    SHA256

    83b236c5e41175f7493361c4e28d245fc0db5b25e425007242ee80e66cd2dd84

    SHA512

    9dca5ef6e41bddb616fe158f9a7c3bb9f1cbdf360c89ed60571c866eadb9bbe9b26b2c755d7f83de57a54bb12b26d9a34106df277aee17d007211642061cb18c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ed6e836eee5842755181d9e66bc0a91

    SHA1

    6d401cd217c8a3d94a0fa1dbd7dce8a91097d5c9

    SHA256

    a1ac351db8dbdc84efe7b3ed1c0a3ec00f0d39468f9cf50f174f218409ef2fff

    SHA512

    9ebe75ba6567600f4c102996f36eadc8618d975fe4d880de9e66cbcfbdb97f66ba5fcb6ae79f62a1533305facb603fd3849ddd01cffb54f1afcfb310941de5aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    101792a831430cd877ce97806044ff6c

    SHA1

    daa45717403fc5286e0249fbd3837b8df188f7f0

    SHA256

    98b18e9b866fbf74dee452dfd78bd99345e64aa7ec07bc4201d6e7f3dd52794e

    SHA512

    c1dfe4b7d5b4f5f3c8e9c8b2fef9fc9cded63e0e323b2f323c194c3720da3d324f5bd757a0406a8d65d20cdbf040792feab92b66d3d23a7e244020dc25324685

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    811568bad60003f4cb529d3e5844b80f

    SHA1

    572ba83638e79469adbc508a70287a34b8d44eac

    SHA256

    5be6ab8c86b611f2993078eb39c440447e54a0aab172b31764a8126022cf55a5

    SHA512

    37e7b74615f7065052efce24bfb94510c4104881cd4d205dfd74524d62fceca7b2e672e8a87eb195b60df60335e464a841a013437a56724a98f453f11406fd29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    801d3d79279712a03d543b33cc7eb62c

    SHA1

    88064eb1ee7dbeef9ba295eb9c07a603073b8c0e

    SHA256

    d8a072abc8af498588c96d5980b11089322dd48a828e371a38c6b3863647b837

    SHA512

    edf095780a508e66cb449787f3a9019b8fd8ac3b04a5d2c7876279c4e6d3a8aaac908fe28c43a3930d4cba3931afbc3b1c4efae7aaf332f25d7db11b7a44faa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c4df5f4397515cefe9d0317012e7f13

    SHA1

    9128b2e36315d9db51f3e0af3094a003510cc564

    SHA256

    0a3d576b40b31f59633a890c68410367a355fc9cd59a2b4a14babd71720c9064

    SHA512

    d8f5bf6a2e0c0be7405067e80683ba10903ef4867eca980a5abcdd89393c69151305bfc7198068484fb6a1e73387e1a9d47824c43266ffa41fa71f365caa89e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bc6366a8b705f2b00af4dbb3754a107

    SHA1

    f22310125290caf85adad03af699a5ad08eb8afe

    SHA256

    43bca6ca64607447971152535d4bf6ec795ab577b2f3a306ce13a07d92b4075d

    SHA512

    77f786e6f31c22da6b9eebc7f37443e1218b48dfe170b9f1019f773882dde5ff30621f27685db827c6f8bba454a78055357f4c9510d84e0ff062f04d2ec6ea21

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab226.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar267.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit