Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

rarelove19...4.html

windows7-x64

3

rarelove19...4.html

windows10-2004-x64

3

rarelove19...DV.vbs

windows7-x64

1

rarelove19...DV.vbs

windows10-2004-x64

1

rarelove19...ct.vbs

windows7-x64

1

rarelove19...ct.vbs

windows10-2004-x64

1

rarelove19...cr.vbs

windows7-x64

1

rarelove19...cr.vbs

windows10-2004-x64

1

rarelove19...us.vbs

windows7-x64

1

rarelove19...us.vbs

windows10-2004-x64

1

rarelove19...ng.vbs

windows7-x64

1

rarelove19...ng.vbs

windows10-2004-x64

1

rarelove19...ch.vbs

windows7-x64

1

rarelove19...ch.vbs

windows10-2004-x64

1

rarelove19...le.vbs

windows7-x64

1

rarelove19...le.vbs

windows10-2004-x64

1

rarelove19...ot.vbs

windows7-x64

1

rarelove19...ot.vbs

windows10-2004-x64

1

rarelove19...ID.vbs

windows7-x64

1

rarelove19...ID.vbs

windows10-2004-x64

1

rarelove19...ss.vbs

windows7-x64

1

rarelove19...ss.vbs

windows10-2004-x64

1

rarelove19...re.vbs

windows7-x64

1

rarelove19...re.vbs

windows10-2004-x64

1

rarelove19..._a.vbs

windows7-x64

1

rarelove19..._a.vbs

windows10-2004-x64

1

rarelove19...ub.vbs

windows7-x64

1

rarelove19...ub.vbs

windows10-2004-x64

1

rarelove19...in.vbs

windows7-x64

1

rarelove19...in.vbs

windows10-2004-x64

1

rarelove19...ly.vbs

windows7-x64

1

rarelove19...ly.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 18:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rarelove19.com/404.html

  • Size

    2KB

  • MD5

    f3034b26e90fef0393feceda3a884b0b

  • SHA1

    7c7f7ad2ec6ef2674e2d646e7073a4dc6686b25b

  • SHA256

    37f7e4b3c8f9d346add51b09ca926b9545e41636bf5505b3277a15f8384f5984

  • SHA512

    45d07982c7b391d709deb4cbe58661ce573a9efb34da2858c4934f992370a49316398574d4481700566382b36d8dd3a6fe673220ddee05cb1389887f8e11239c

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\rarelove19.com\404.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2272 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    440c82ad9e62668cf8dd1853d0831c62

    SHA1

    c731da94a63450ed4b6c390aafce60928aa74316

    SHA256

    e552afeac6f3fe4e31c4780c8e1703292df03dd4c0c0e15258fb765998a16a6a

    SHA512

    db9672ea6b23a0bedf05df9e0670786f14cd29e4194734f89fda158a71fab20e943aa53598c17e68a878c458d612181910eb1df1e590bc9b240ece1fa1aeee7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef1f33e04bee19178b6a1d5403b69d44

    SHA1

    3482c009f3b12fa374abacb1e979b4d666de511d

    SHA256

    aca56633b03f747a0a0e3b25a74a6a300be41a6aaaa9d085bf70c203edaa234d

    SHA512

    f430be89d5f4acf7c1efddddc82e9f9c913501f9503b775c50e6da3d9157a39cb4f8a2877cb6b64618c4ad980f5041bd5cdd9f5eca2c00389d62e0b6ec1266d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21dc5a2dc1b670b8fe41a104a9bad424

    SHA1

    9a7f8d96a51b867ed6d16c50904bd388ff7726c7

    SHA256

    bc67b436e9c8fd6f19887074fee52ab7be0a25a78cec7dc545275795c3e6d7b9

    SHA512

    6e263fe8601373d2557a89bfb15aaa0916650b8ca5a710d05e068810f64fdadea58f2dd796bd4ae1db697c15d1a1e4c2edb093837eda21356976e9c89692025e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79c4983f8bc228295bd86409fe9cbf3e

    SHA1

    503a509c3f8cc80b2e0aa904b7c764c5c8634a6a

    SHA256

    8be9ec28df72d25990d583ed6deb5b73103d407c7dbbe711b8c366788ea1ea82

    SHA512

    ae978b3ae3df09561524a4fe310e29c11e393bb12fabde024b592319188507949ca1de3cf9a20af1fc828b693453e7ef999c02248b6e3d0161b9ae996c1efdb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df5c452b15b8a4e3a4c2b4451138d510

    SHA1

    05a24467e6ced053d02b8ad0c2078c031235c24c

    SHA256

    ab97eb1ece05b82706f66649ef1434925d032439a0fa3a11127585046ceec870

    SHA512

    7e73ca44d17824121789fe94f37b09d6cabf376c3315a51782250cb353c3f5919db19ec1efca9e15d346453342b524e37f685df29db29b2174855529eb034379

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d793612a0ec715a50cfcabae8912b5b

    SHA1

    7f61300266a9bd3d27a08ad18f7298e44590d3a7

    SHA256

    e7089ddd77162e22f0e57e920748e8713b4c44207f6c06abcd3b585e31e0a036

    SHA512

    a1aa6e640fe627960c988076ae19ed3dbd96dd8fc0da509c87c2e368d9055f3f419115eb5fad89e12694f1cabaf30a073bbe3e8ffe57152e243d48a3090e8d17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    520325aad125d1f90114263ea795c0be

    SHA1

    cce1a52688731ddd78fe11fb263faa1a47edcae9

    SHA256

    63a98e2c04e91d852e4e0e3cfe72e9bdc440135228ee1e5b4325b281de331163

    SHA512

    51d9a069fdbef29654d489af9ebabb1aefe879a38ffcd82b6d7f0a44b0120a80fdacdf3ff885a9ebe2d46eb7e6258bd8e9aa5d8dad948090e8f1b3d34d09082b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae4a07c4d51b7f519f11efd26cf305c3

    SHA1

    80fd55ef0aaab573114d94ee65cd7eab4390f675

    SHA256

    83bcf71245016867d69624682832e5529a37f5ef4ff9f6aac06270978f37b894

    SHA512

    6d639183950e5daefd90e5d794e2bac387d57233e18e06ea9aa172d63917939494f1eaa01b3e595824c925759868bf2efb11d8db05eea842eebdbffb8dc7a11d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf34f4c9892b70b12e36cb02b3f568dd

    SHA1

    408729cc1b6ffbb5670ce5c62e55d3ab9c6bac7c

    SHA256

    de535c082d56208c0ca7f0e2425a3c628771e86807eea66e97f5024b7b6dd144

    SHA512

    19a720c17142f67a62769cb7d97717fbe53392262acc73b5dad344d1f6b393b2bad5828e4942839f9a949395082acc595fd71f6d81c6aa5091e6a3e7e5b20b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dac937ea722e341c6b97c65e00031eb1

    SHA1

    c8061900a026643482b97743a2868cd74d24ce65

    SHA256

    dd52869c278af114ae76840a0bfec68e8aa17a12694a3be64ec2a53ee6d98c2d

    SHA512

    249d646d2251eb59ec45c59b60287d5d4f4d1e4908082d165ed63d9f78887a4341ddf0ff7d38801dac977d73a824580742b92b261f7d41b69fe4c0d38bc2b323

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f11bd878213204d15ca307b23e462b0c

    SHA1

    7d53bace84a6eea0f0dacc532a1df5699a50afdc

    SHA256

    1aed52c810d0e8a5c7798b257039ffdaedea644a5c4ee773426301a4ef5a32e0

    SHA512

    51b97766bed9b3eecc021c2c266d2888251edcb19006d099720279f689297e43d63dd348e26f58ac0004e79d07761410034bdd6e58a56c10f8215a14467beb47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39363f155e652533dc870ae271295869

    SHA1

    098b65f45d09e83c57265e47d6271ecc415b11ac

    SHA256

    b13a11b8560ec32d19291c22a6941b3616933682b089b48027fa43a33d89e6cb

    SHA512

    bdfbcfef125fe15f43c46409f99e12c808c9616fc4a688dc3b4721c3068191c7dc78bb627fa1787f5ee25a52eab3321e10d3770607f6e96cc799677db7ea1342

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab78afd698f81221957dbc14e673fefb

    SHA1

    96262317de9cb92696415a82cd2c3384e53d2085

    SHA256

    876341aa4568d9e80600ad7162f42e1b0d7ecf1270b0988a977e276cbb368155

    SHA512

    0b177747e77d821c4eced1b8696b49f068921ef8d7281c5f286aa9946e778b9e1fe223d72662d6bdc190b607c935e5386d0e8b4302ca34f9d350bd4101023ed8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93ece2742a3ee74cfd98309603f77a69

    SHA1

    7722a9b8dd03adb44ce08556e925757332a7d3db

    SHA256

    52a85878ddb43e0adbd5f3b7683723fea6af87d31f5856e70d35c4b8e6150e1c

    SHA512

    3820ccda4863382d5d048d749e2ed13fceafd35d94374b80518b7cd5be2b1ebe2cdeb78b0c3d6dbd7e36d6d6702896301548e02b749c6fb3b07809e2eaba361f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0810a245f62e01a2395693baffdb4fe8

    SHA1

    f21172fa85e41bdce6bba7f7c8d0463b8d57d2ce

    SHA256

    936ed9e79497a7eb3d0321ce87f0320ce5668d1f66c4c3392e5523592c1c53b8

    SHA512

    ad7274d02efbe799221829c91b5a5600d214b6cfbb5c640930b9fcc40393b8502a7bee53cdfd047517227316c200081a2748d33b32ce73528f80919a1df81f2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a584a4deb3193d5ca77194f2be651630

    SHA1

    385523119d59161779d3b064c500f611fb5308b1

    SHA256

    34780341eae6b8e2c8604fe19a0b1fc8fee01b22ac1cbcdbfea604acaf6a2212

    SHA512

    e4c42eca1438334535b152c9d0fdcf5160d204b0b888cd90395e028c04e7fcbe92926bb853249f8fe23bd98177ae276bb3dcf841d01860f270b89b53962df3c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2cbffac6236d1ff633cdee5973a5f9d

    SHA1

    92f98af417f71192d677e06d35b74f7037f32fbb

    SHA256

    7121ed81effa63b5e9f04d0a28cd59674c7c6c68a22d632779bb4ffbfa63077e

    SHA512

    2c893205b26616c75d01918227e75b2da7c13842b2ae0498ee46ecbd5a9664f1b4a11e271986942d75211e322ceecff56ecf4a0c16ba7ab8acc99e412ea6ed22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae713e115095037a5a5020deb0c079ed

    SHA1

    40524c6583ed2652edff6b33e0a23f250f55c517

    SHA256

    9087c5cc2d17a23b59f5af2c477eb22ebcd749f52eade2497be5d61742855f6b

    SHA512

    2875e8a2fc34c5cdfd1c9da24a21c0f8aa4f18d5a736ab0e42033d88480660de84a76afa69f65c2c51281eaa199136093bc8273b98bafc50c85b761ce21ab3e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3794dbd2f3d43dea088f64bc44f1577

    SHA1

    94b40eb55a7c5af118efb141b5a43631b16aecd0

    SHA256

    c86059b6dbd3d455b771ab6efa056d4871ed9cb5e1e1cea263c371ce0bdef409

    SHA512

    0eb461940180b7350a2325e582361460b69a03ba1495002279f71ff9b4a882717011acdce1fec6d464bc80aabd6f919281c80f36fa7caef6c96b699e2a172aff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2DF4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2E76.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit