Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

BL/INV-676...8).htm

windows7-x64

3

BL/INV-676...8).htm

windows10-2004-x64

3

Cargo-Ship...6).htm

windows7-x64

3

Cargo-Ship...6).htm

windows10-2004-x64

3

Analysis

  • max time kernel
    65s
  • max time network
    66s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    12/08/2024, 09:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BL/INV-67667466666.xlxs (8).htm

  • Size

    7KB

  • MD5

    f13d40564cc78d412ebfb0c87f640854

  • SHA1

    4e53edc5596d050e25bfac8fea0b9d9fda934445

  • SHA256

    2462d528f165b7bc678788da39e7bbdb9fdfcad5f826b86a4f4a1e7feefc07d3

  • SHA512

    bf60631e890f1de0c5c15704d8e33469ad29f9172ac62f8d331a40c1813794142f88cabcc2cf31a26bb099973b04e5d410bdf4d9ebaf714d33eeeb0fc86c3342

  • SSDEEP

    96:xQoVUnU9JnCt9aja3sZqu42UhB+ogOab6NhzEC:SAUU9JnZGscuCP+vVmhzB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 30 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\BL\INV-67667466666.xlxs (8).htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2672

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adc5c76577c167d066c19f7ab727a479

    SHA1

    e599a05e75910f82d7e2f64da8a2f7e35d9813ed

    SHA256

    60af4923008cb6730635a2e04c3c4d3ffe1211f276f6edd885d77a92900acb8d

    SHA512

    eeca247d0653fc64de562574a959f226269526c40b559c47aeb3bfc63e1989e1296113d034a7e3536c0f9cb7e097e630e255583a6f84ce0924d5ad8a9ffdd645

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    702c5597cbd5959eef53bbe01b6af6b0

    SHA1

    2e1f011ed6f9f6b29fe6e70e423db4f288c854f5

    SHA256

    dad484e100abbf23c0eb66d4c775ae363f93d9b93ab745700e3cbaf52dfa1255

    SHA512

    dff4a33b19febfd1bf6cb27161e9a653be7d84dc9713b6dff198289cfaac518f51c7736078da87833fe1be1546b76296230e0d39e0f852f2e55706342943cd30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c115ba40ad6d7f9bbb977de2bffa5531

    SHA1

    525d6af39f45c7ace6a5fe60534c84b1795e01bc

    SHA256

    f60a29f03d1d5f076504c1636c0e0634eb2551fa198de4cae931439790a780a1

    SHA512

    5a9a645e22b1867559650b2fa2adb5c328134eb687c9389a61b4e18d0c704f7604ce7914938763deafb2ea9604c5fdb58a3f5fde8cc41956bfece687013caaeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8dd76ba876fdb9dff105eed109e5aa18

    SHA1

    362c1e7aea95df605afa7e68e1adc9a72244817d

    SHA256

    b6bd865a150f7bd001074d37f84f7e25c2986743ab574a295eb64e1f6b576927

    SHA512

    b3b72fcb7e07ca2d71c9c5b6886d66baeb88edd43b552af07350d3cbf0845bfee33771e20d08193d808fad8b0b34c9a60e11970dd126c1217c9711de4474edc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b66940298e8329195b7a0f63799ab71e

    SHA1

    38a75ad0264056e1ebbd3a63f6e2efbaaa3814c8

    SHA256

    01e7d4974874b5fd5ff39c3ce0a62b0161fe7e226d6209d035ca6378f56b6617

    SHA512

    4e1a8a2612158f1caeb97cd108803a413df08f9354e5790295eb1251bbd95db45ceb6e96605393602c7fb882b03d40414cb7623cadc16c024dde7bef5d3d6a48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    185377633e0e82200e2d2498293ed47b

    SHA1

    d5e73d5a1bf24d9467f556a4a0bf23a959b30c5e

    SHA256

    9b295c1c61009afd510d51ef13d5b90c5ae8a9168d3cbee2e055e65346c50b98

    SHA512

    43d31e7200d73ccfe749fcf0186aec9f3ef24071614d039f653f402eb0f99bda57ea4b2b87505d686a4da202dcd186a903f3a193b69728f28b66cb856d60e749

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3078117508f6c28575a8fa11e59628c

    SHA1

    26e3146c11f58a0aa631b9935a62f9eb4d1d8ee0

    SHA256

    4cd36e6975ea8832e3dd3267387c4635b64ffc2d35e38a6a3df3c2a9fc6cd7ff

    SHA512

    5f155f9f1f510abdaa3e9172ae529f0d5b71783cc31a5439bf4fd3a6c0268e64aa4490c5f3c7ed0e03d241783044974813063f26f8a97b5a01a0ec242d8242be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e8a453f5fa9ef4321f5dc5c9e3a47e3

    SHA1

    051f6fdb69ce9cf95fa4663e9bbc1ced80fdaf30

    SHA256

    73aceaf776c05ae13c40344e2944404abe469a52eef84f7052aefbe73fa710b3

    SHA512

    d403ad13fa17b6b202f806600909d6732a6262fb0b272b72b56f5cc014836c466df09011e987a31ffc0613243ba8c740e7c8c071803f05ec55fbecfcdf629c31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c953eecabc201b127fbf11ab76462a7

    SHA1

    2bebb449c0c758e646f26a9d1a1ad6aabd2a61f5

    SHA256

    36bc9456df68454b9fccaf921bafe69bddd0b766b6eb7cb7a9c226910424b69d

    SHA512

    6c6f9807ed97c94d60ccd003f0b8840976551fa568435b9281d47c4096703322689f7c9895f49082bf22e1c1e8e6b03387fc85dcbd89ad6efd5b6922aef60b2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    706a03fc97e37c4a42d0f66df11a0dce

    SHA1

    92b018b7c0bf38c64c76b92347c76b86e8c5af16

    SHA256

    3f62fda962adcfe69975f58d42f4fe4bf04cce5f6ba07f59111234dbd0583b7c

    SHA512

    d45aeb1e77b67a93e40a458779f08533e60df24f6312f4922ce7ab870794df70a797f89fd9e95c407a33e3b52007dd3b7cb5b7a944b032aa751b24dc643be1ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55dbd83d030c1dc9cdb869975d569c99

    SHA1

    4c72531f180396c68a625f92875f8fef30170e4b

    SHA256

    54aa2b5acc85ab4dc9c224e954a9432f99d3ad8a599209e8cba723106db0c267

    SHA512

    1688f1f6b4cae60710e8d4c3fd9b017dacfb7a76c70b157509f5da67bddd1f5cc9fcc04ffcd5c5990e45b68583335e3b253cb9bd9907e80a6212fe878d6001f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fe1162c1ee2b823d35e020ec9b313cd

    SHA1

    0785c6fdf4eddea3144312a51cff5f1f75bed8bc

    SHA256

    bc2d3a1fb7bfedfcf405681b10760966680e1b9eee18773d7a459199f94c4917

    SHA512

    f1cb49cdd5035aafff773f0f17a92590cac997f238da0dfc4131ff43a6fb3fdca07b49d7ddee9c10c949ba0ce4e3d40363697d4fafb2a40a76490f0354c7e0c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15edc486ea0395d23bc89e4e0cc7729c

    SHA1

    9d32c1d9a119359884e6d9270b059ae2495e2ca3

    SHA256

    0f45ff390f52d9ef927ee0659ca911bfb41354578bada5a989e91171ea565456

    SHA512

    d4c7de715910ac1dc23d75dd8b29ca6b87025de4e33aaee54fbe007256ffe7ec9ee8f50a74ee061fa073a69b9f03d0acd72e9cd60211a7d559619cd38c552cf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0dac4a63fa373f7340885978b8f07aa6

    SHA1

    bceb701ef21b11c3b3a4db1bceb24e472e75a603

    SHA256

    6ad2fdabfc80092f8a05e3e6e9268dd57400f690c9a9432936bacc24b20f8899

    SHA512

    8f8871d95d43e80a95620ea3b9a95bf63ee768bc68d7d55a4f7311e3743402988386c228b862aa0da96316f96f2f055c43177e8fb854218438770a21f030260b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab71875845625de82c4afbcb241d2350

    SHA1

    5ee7c0171c4ee6b8ff2528871ae82a2bf42405bc

    SHA256

    cabcf9de83cb618aeb039240aa145e093db3f777f3d64097fd80eff15352cacb

    SHA512

    dce18306b139fee9081d75145ff73f6a31037885f5395f3d2788191acef89c55dd94d9a04a1e4579af55f0deee5646d73ad6d9e04c13565b840c0c4d9f9cfe57

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab590C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar590D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit