Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

viewform.html

windows7-x64

3

viewform.html

windows10-2004-x64

1

Analysis

  • max time kernel
    5s
  • max time network
    4s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 22:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    viewform.html

  • Size

    52KB

  • MD5

    4647a6f9fb88c7f085484e86b5aef196

  • SHA1

    fded84a64e8987d2bf3cc7d2c29903092ae23910

  • SHA256

    8567e0d5086e54119872d9cc48143b587ec30023c2a625a88a6ca1d2acc452a3

  • SHA512

    4d3f8277a0847a13d7a0949ce7942da69e751402eefb0d5f158aac0ee9e61e96707bcdcaa2ce1e7695b66af7978b86c7eb8d487f65ef77202d8067d1dd8dafe2

  • SSDEEP

    768:B1wCFqjvJEdW5kPevESFCNHojRZN0uyeuiP8Ad:5qHOPevE7IjFweuiP8Ad

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\viewform.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    278d262bac7e6dff789cfb20ed44fb7c

    SHA1

    37c9d7b55a2525882d39ee343241a469108a1981

    SHA256

    8f22291472e39a4b782d53f05031dabd35ba8ee052c315a26f642e29a9f89784

    SHA512

    ae8f41659074dfb91324ec3f3dc1020f63f2cf3d07928b336168eee34d02500c617365c8d1957f01bf5840ea2a7c6d30aed098ab3f6f926da6005a786f698948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    7e6ed36bbf2576982239f8e3ae665194

    SHA1

    d66115e537d4d66fee21d9386e25464917080342

    SHA256

    42e46d56a567f15ceb10b4fe5fab932954e9ccf231500c7901fda547dc217221

    SHA512

    ea66937c0f5b8d0a6c9452cc7d53fd9b8f7f4fcb8dcc1100d39d10b9df7573620f4406167fd9eb1ac07fb34f69ee9092684b00e13151eeaf6afd31e1039e81e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    491b01bd290eb9adb37369d7c3f694de

    SHA1

    e84c0e734a555b627853650e539cc4ac4c027978

    SHA256

    0aec888c695914e2c1e12f869029d017dfd46bc84cbb31928efafd88bcdf46eb

    SHA512

    82743d7d82b117fc801195955e807400dd4bae348b407063066b476f28db56170ca335c9307cd2887768f5501769398fc96366df26974edb7bf49961697dac56

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1C88.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit