Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

URLScan

urlscan

1

https://nexuscreafil...

windows7-x64

3

Resubmissions

10/08/2024, 20:29

240810-y92etawgrr 8

10/08/2024, 20:25

240810-y7nqyawgjq 8

10/08/2024, 20:24

240810-y64e1a1apf 8

10/08/2024, 20:23

240810-y589vswfmq 8

10/08/2024, 20:16

240810-y2crgswdqq 8

Analysis

  • max time kernel
    52s
  • max time network
    53s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    10/08/2024, 20:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://nexuscreafilms.com/linoleum/braille/?GWdikZfzgM=bHVibGluLnByZW1pdW1AZm9jdXNob3RlbHMucGw=

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://nexuscreafilms.com/linoleum/braille/?GWdikZfzgM=bHVibGluLnByZW1pdW1AZm9jdXNob3RlbHMucGw=
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd3d79eda786b6ec714ffd4c144e453e

    SHA1

    3e05c7af4b36c47b328577c3773fd2af7d3634b1

    SHA256

    6f958cf7e802beaf35d8cb2a524bb90b2cd00dc4bb3600152f1babef346b30da

    SHA512

    a8c435e9d35051f44ddf4bd669a7202158b6ccbdc7138b565a9865cb9284edfe2bd2ce42450e2cbb5f0379c85bd4e43e198edbbc3c5da04ecc07eb12dbb73b74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e54af3df91b7802099c3cdc262b3e991

    SHA1

    413a5592a8025f5e9b3aa344ff32bd137c30a8e9

    SHA256

    634e3cdf41ee955ba5dbce694cecadce41c426da0b521d69a7d81408d6d66b66

    SHA512

    75ea6fc809d9ed0b4f59055f8f1fd339455b398f9386f81c8713cd9f49609241b55e2c776d5c4a182a85f1b7c633cca2031a13d1fbdf3e9cf0808e84f533c7f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df508bca0888c92f9b21a7fb17a5014a

    SHA1

    d540d3bcbe2f7c0f737f44ef692ad209d05aaac6

    SHA256

    6b913cf0b650e246dabf5108d1cd6e6b444bbc516cb28541da641957c0c36f84

    SHA512

    fe7c1de6f2cb1852c19bf0bb3d15d6ec70c774d75ce413bd2419334f76d8a5c2cfbd1a95f1fb7362ecc85130482e6e1fb70e7036cbf65eb4bd5be8546f7e6178

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c38c61ad043a6e36290594f9b83b1df

    SHA1

    a29299d8144ddda5d6e470c596366a4cc1eed84c

    SHA256

    e5c2b1a8be81c9428467d2f275bd0a3cdd62fd785b1df4fb4a7a9132a236b8b6

    SHA512

    3c03e1898a77f34885706244cb2fbc03254346409208c9af70b29cd379e2b53390064fec46949b33d581005ff89eb0254e9738593d1921f0eeab385ed86c0905

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35ba55eeabebed9287c22c6aa215d642

    SHA1

    0ec1e1e07a1f67309a3da5f11439f6e98b9b2b29

    SHA256

    24aabae957a69e50005218844988245914edb088c267b8f13446909ceec2a2bd

    SHA512

    9956cc0e1bb8fb3942b5bab5d12af51792ba20c92ca4df8da9ade9b7207c8a3a5bcea9693457599b90738d6b967f422e12b5d8ab728b262c46549b3e5050dd0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efd02c3dbfb0174f4f096356ee200391

    SHA1

    f74816c243bf55c3861df1b839c67cf6198b4ea4

    SHA256

    8fc56f8f32669b0b908ad4be3840fc96bd4750028f6a627ad6b3d4f45bdf3b49

    SHA512

    d5c753dfd73f3a0512246f2614f530b31990ccfd9a7fa27ccdfbc2ae055c9c4883cf0bbe7c942853e375c73b375d751dab3921d9bbb99307c12b92c78c7c575e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab710E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar717E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit