Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240708-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    14/08/2024, 11:06

General

  • Target

    $DESKTOP/Internat Exp1orer.lnk

  • Size

    1KB

  • MD5

    9ffaab5f197ee38cf1fe65e19d4bb217

  • SHA1

    39ee57d785cb31b75fe79879ab5dfed14eb1a28e

  • SHA256

    6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

  • SHA512

    eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$DESKTOP\Internat Exp1orer.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.113w.com/?waga
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2636
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2684
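The process tree above shows the whole story of this sample: a shortcut whose display name imitates "Internet Explorer" (note the digit 1 in "Exp1orer") resolves to iexplore.exe with a URL as its command-line argument, so opening it simply drives the browser to http://www.113w.com/?waga. The following is an added example, not tria.ge's own tooling or the original file: it builds a minimal unicode .lnk in memory that mirrors that behaviour (the bytes, the relative path and the SW_SHOWNORMAL show command are constructed here, only the URL is taken from the report), parses it according to the MS-SHLLINK layout (ShellLinkHeader, optional LinkTargetIDList and LinkInfo, then the StringData fields), and applies a triage check for "browser target plus http(s) argument". The parser skips the IDList and LinkInfo blocks rather than decoding them, and assumes cp1252 for non-unicode strings.

```python
"""Minimal MS-SHLLINK (.lnk) parser with a triage check for shortcuts that
launch a browser with a URL argument. Added example; the sample shortcut
bytes are constructed here and are not the file analysed in the report."""
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}

# LinkFlags bits (MS-SHLLINK 2.1.1)
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData fields appear in this fixed order when their flag is set (MS-SHLLINK 2.4)
STRING_DATA_FIELDS = (
    ("name", HAS_NAME),
    ("relative_path", HAS_RELATIVE_PATH),
    ("working_dir", HAS_WORKING_DIR),
    ("arguments", HAS_ARGUMENTS),
    ("icon_location", HAS_ICON_LOCATION),
)

# Browser binaries the triage check recognises (assumption: an illustrative list)
BROWSERS = ("iexplore.exe", "msedge.exe", "chrome.exe", "firefox.exe")


def build_sample_lnk(relative_path, arguments, show_command=1):
    """Construct a minimal .lnk carrying only RelativePath and Arguments (unicode).
    Constructed sample data, not a real shortcut from the report."""
    flags = HAS_RELATIVE_PATH | HAS_ARGUMENTS | IS_UNICODE
    header = struct.pack("<I16sII", 0x4C, LNK_CLSID, flags, 0x20)  # HeaderSize, CLSID, LinkFlags, FILE_ATTRIBUTE_ARCHIVE
    header += b"\x00" * 24  # CreationTime, AccessTime, WriteTime (FILETIME, unset)
    # FileSize, IconIndex, ShowCommand, HotKey, Reserved1, Reserved2, Reserved3
    header += struct.pack("<IiIHHII", 0, 0, show_command, 0, 0, 0, 0)
    assert len(header) == 0x4C

    def string_data(s):
        # CountCharacters (u16) followed by the characters, no terminator
        return struct.pack("<H", len(s)) + s.encode("utf-16-le")

    return header + string_data(relative_path) + string_data(arguments)


def parse_lnk(data):
    """Return the header flags, ShowCommand and any StringData fields of a .lnk."""
    if len(data) < 0x4C:
        raise ValueError("too short for a ShellLinkHeader")
    header_size, clsid, flags, _attrs = struct.unpack_from("<I16sII", data, 0)
    if header_size != 0x4C or clsid != LNK_CLSID:
        raise ValueError("not a shell link: bad HeaderSize or LinkCLSID")
    (show_command,) = struct.unpack_from("<I", data, 0x3C)  # 1 normal, 7 = SW_SHOWMINNOACTIVE (hidden-ish)

    pos = header_size
    if flags & HAS_LINK_TARGET_ID_LIST:
        (id_list_size,) = struct.unpack_from("<H", data, pos)  # size excludes the u16 itself
        pos += 2 + id_list_size
    if flags & HAS_LINK_INFO:
        (link_info_size,) = struct.unpack_from("<I", data, pos)  # size includes the u32 itself
        pos += link_info_size

    unicode = bool(flags & IS_UNICODE)
    strings = {}
    for field, bit in STRING_DATA_FIELDS:
        if not flags & bit:
            continue
        (count,) = struct.unpack_from("<H", data, pos)
        pos += 2
        nbytes = count * 2 if unicode else count
        raw = data[pos:pos + nbytes]
        if len(raw) != nbytes:
            raise ValueError(f"truncated {field} string")
        strings[field] = raw.decode("utf-16-le" if unicode else "cp1252")  # cp1252 is an assumption
        pos += nbytes
    return {"flags": flags, "show_command": show_command, **strings}


def launches_browser_with_url(info):
    """Triage rule: target is a browser binary and the arguments carry a URL."""
    target = info.get("relative_path", "").lower()
    args = info.get("arguments", "").lower()
    return target.endswith(BROWSERS) and ("http://" in args or "https://" in args)


if __name__ == "__main__":
    sample = build_sample_lnk(
        r"..\..\..\..\Program Files\Internet Explorer\iexplore.exe",
        "http://www.113w.com/?waga",
    )
    info = parse_lnk(sample)
    print(info)
    print("launches browser with URL:", launches_browser_with_url(info))
```

Real-world shortcuts usually carry the target in the LinkTargetIDList or LinkInfo rather than RelativePath, so for a full triage you would decode those blocks as well; the StringData fields are still the place where command-line arguments (and hence an embedded URL or script) live, which is why a static check on them is worth running before ever opening a shortcut in a sandbox.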

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39562622a505a6e0ef7c79677e9e395f

    SHA1

    5345cabe593d4a66bf82c45a7ed0c779e11be994

    SHA256

    d39eaa1a4f4014959e1c8802b3657f6432559b6432c9a087499c09612d81229f

    SHA512

    b885ee152b06b2ff18fae090608658c626d84ba1e6a8bd3f4a352b1e74a6b287e05273f748f931c6b7abbeede7d54c2ae7ee4b8da8236b211a613b917f119884

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0f28ea9ba1eeeaf31b2a21cde0eb691

    SHA1

    7c33dd484c3f2dc4cece07245c8f3297bcf15162

    SHA256

    392753627dec8168b9f807eba79654d51ec820e46abff19bfbc41a442492d069

    SHA512

    7322b2b04a240546dacac79dd11736e8107b5e5ba4520a1b6e676c4bbfdde9ea9c9afeb1797c652cfa88928f60c2af545179a82e92c25ccb2719e56ba3ee98e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4a54750076a1504a00046da5b4d9923

    SHA1

    89cd15965615418c74ac4e7e553ef3082842d98f

    SHA256

    7c223e294b73936353de384e825401fc999aecbc831d330404321d8ca27f0c8f

    SHA512

    65aca18880797c5d6a31dd07674da05e9988402e9193f28bb289063cdef5785c5db7c0e2369ce3b9de6bffaa073564f9ba4552ec3fcc55e725a0ebf94bf7f9e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3df5d2af495eb92ffcdb92efc18fca97

    SHA1

    20e217c1ffd9006ba095b70e44e914a68d83a70f

    SHA256

    5080a312cb1846297ea1f6b8a31a729a18110f48c215fdc5ed8a832f4ad1f424

    SHA512

    debe2b7060b6205d6a4b6e807b3126e25741799d8ec2c687de75a9dd28f67c1412bec912129828e5d99f6a025768e67cf0e94bd6de7349c85a5511b3a2b200e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4520c3b9f9374fbda9f62df6715cd0e1

    SHA1

    eb66d733eff7cbbc75e2f4690976ae3b49df6818

    SHA256

    d48e7cfd7dcd0671c6008d108a409aee93b9e709a4107725d964340341e17c17

    SHA512

    3ae307b1af965a0412e048f41b6128ee00db251e7563618834a23ba6557c332003dabde64a2ec8370059ccf8f2079787352e6843eef83fd0e9fa9d925610a393

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8614e36b69419892dee814490db92795

    SHA1

    a08ec0d81e2922e1f854894596fc767d1c94fea0

    SHA256

    097726c0a78145f8b2e0c1da1adec43c50988cfd21abdc7fbee62ebb88537f9f

    SHA512

    a76fcddf22f39ac8e4b29782e483c9286314fea7aa42cf69751a4be2c09f36fd08bd0289f66d68091611a79a5d922af44d8ad564d3a9e53ad347d1af84670374

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    183bc378b18dcb62a2f70b8b98a40a92

    SHA1

    a09dc5dce41184d0f8b8296723f67bd772ceb160

    SHA256

    0e20f511b7fa8a1ef9460a2db14e36578b08916f1fc2a5dfddd395d88757eca6

    SHA512

    3cf540c05878c0444dde98de969617345c28a3426c419b843075edce88658df4064595b8a6f661cdd5936a8bcd8e56c10b78fd1cdb663a6f44266dca6234eb7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f8b56a041f88853797ff55ff7a543d8b

    SHA1

    ad808d9aba86991828d88bdd3a42334641d69f58

    SHA256

    8a6381f42ef8f6cf089c411ee80af67c93b6af6c320a13bcd4f589a0a741d079

    SHA512

    3e325d4cd3a96597970b162723357760bf6efab2bbc854bce805456ea1899bf41dc7e8577fff124863bc342624328601b0108a91fa95036b6387be47ae9cebc6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e4b174f22b92d152a4aeb0d7e07006f

    SHA1

    7578888296c5f24a012e275d66d3f1a359561bcc

    SHA256

    c73480517d583b83c1da60f4efdff17c79e54948032ec0dd1ce5786d00940aab

    SHA512

    9137ce3825ea24daea6079714f905919fc1c60ad13b53e338b2e3906ab7dfe08517c54171d0889cff801c93a5ec537c6fc1084330ae8fa0f898915eaad5b4d42

  • C:\Users\Admin\AppData\Local\Temp\Cab3E2C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar43AB.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b