Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Achates.html

windows7-x64

3

Achates.html

windows10-2004-x64

3

netadmininstall.exe

windows7-x64

7

netadmininstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 18:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Achates.html

  • Size

    2KB

  • MD5

    0144e03a3d903eab1ba94cd7235f2ef6

  • SHA1

    f0c6ce892ae36619329bd843c147c06cf2038a96

  • SHA256

    bbb57cdfa998f1ffc19329a4c7b50d4070b4e1a4b233b3a049085473c8a8bcfd

  • SHA512

    cec62af617ca3b9c596d33959fcc66f1fc74988d19a7164a0d835d3d53bf221e9d99beb568bfdf904251d88ae55fdf1db28b74e561ca0d9a86740d703ee54112

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Achates.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06fbd0ba548c5278b49e42e061dbc5d3

    SHA1

    43ae7b183f029339024a2884dfcc3d86ba6831d3

    SHA256

    61031fa7a9ffa8a2764e38d9ea78c305d5b926e3bd58a45227c52e85556e27a4

    SHA512

    fd01b58550e962f7291d167f7c556f5a28bdb68a5eb263f5b49024267ca9f8516dbafccaf54613fa6db7976c047106648ab3a5798effe3fc6d110be6edc7c42e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    693ee7396706d11e3737c1c140bf203d

    SHA1

    c25ad38f772baa15e908cae8de6ca50ae545487c

    SHA256

    003be1cb61de73e62acd335dd97c6dd69d406c3730ff580a7d0c45ff4abee938

    SHA512

    066566177cc3815a51bf539c5c46c9b9be93bb641bb314b66c6b9fc106407c6a53d0521b25c4df25ad711e2f1087448df6f069b0b220b2a947d8467d9f1eed55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13b6f81fc1e639d00e8ea8d17cd9939f

    SHA1

    aed341ab6f4729542f9ff626b83e89c4defc1e50

    SHA256

    b8f42dd34fc982184c0f3941bdec3f1b95466aa704a41174069951820ca82e80

    SHA512

    3e8f04d515b086a3826567c6801307e3880f54284307046d98fda35c103200c13d2e40bccf00cab7f2ce88253c48c9f1adc570ead2a1dcd2d0aa8ae95adcf129

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f726d349ee124c34c9c4670155562570

    SHA1

    86eeb2b9e1956ee522c13cc98d2e2da21e19797d

    SHA256

    e14dbf9f7ce118282ea9be1a1450d38dc729561461022e1aa4a53dd98818b61a

    SHA512

    00d3b6ac9752479917550506e557632697f4c50d262ff2e1b2ab37430ca48bef5462c044a305ef46adf2b8944c4df6dfcbaa9534c549d9a94b0adf145ef90d81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae7a124362e8a8105ca4d3ea262cd00e

    SHA1

    45d86001d69aba2ee470524bb3af7826139defa2

    SHA256

    781c20b2ec94e391d90a97eac05048b9f370c3f2db2e2ccd28dbc913010a983e

    SHA512

    e9c1067a811ab29a942435e7d45d5eea50fb6af71bbfff12ff4f360373f104f4698542d02fc83874cfd5aca1a7fef9c74386600da0c2118da33cb2f588a4ecac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8ae1d8ec50d8b439e6956c4c1094343

    SHA1

    46580c18aaf3aa3d6f42544e38b9d9e2001c5884

    SHA256

    10f99b41aeb0d8e3f0f751b4009bcfa52693420d6cfad84ba2b5490d4fbe157e

    SHA512

    c0c588a5714cb0c6527e21e9d69a41c97d0b6515240ed880c3e3914733fdd32638c95155cec1a884ba32a45872257f54b620f94bbc9306c082f4b10755b3a6f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3eb4722d3616eaec0c5b16aab59db367

    SHA1

    8ab4b4ec74a5a05c87bc6eba54f777f194a5978e

    SHA256

    b46b283bc7cc4cf3c23a6107e2d8073fb987fc1e231f6903277f825314987bd8

    SHA512

    521dd37e13ea52fc78ee6f186139bac0520cad64491f5e47c172398550933e6b42fc69a70640f9d31aed4c74dd5769cf8a7fd3a414e3d49c2f66a817779af94f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    816f4b24201bd1ddb972132b7acdf617

    SHA1

    c3bbdde6ff6260d9432f7bb1f2824c58c551c7b4

    SHA256

    c0d74972ca837a727097f01646da500603e285674db0948a3d8278ac13ea2b83

    SHA512

    1be56da03dbed2c00fe2e22734a00bd5b1eaad2b6113582b6d971bbe66270b3c6c0b9569e71e0b8af74b0b13fa82c6879cb9d99412d2ae347605fa2e4062f04e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    124353d7861eec3cd847d1fadd069aeb

    SHA1

    599313132d0972437bf42b8ee221085e7e1f9c56

    SHA256

    469e5145be6ffbfe173e191ad0ba8d63e8bbeddfaca1965ab111f2eaf91d13d4

    SHA512

    03ec83b3f92734e0f7a7b583ae305b0ff5f5832e294cf8b74a427c5423dab1836f146104e05c8c6093f1949d4449e8892a09b70058501f9377d21cbdeb69c787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    424f6b05d72f1dd089a324efe5fcd28b

    SHA1

    69db2a329ed48ba4c0cd076f4b7cebc4a4271f62

    SHA256

    1ef638eb7c359eaf9b43b7b4d7a320869eece5f65fd10b4021690b191f646115

    SHA512

    6e4d5a4321eaa80f94c0f5b76827ce4e948e8744bdf8b0cfc95915189731ea78ce550e1d2ea12c5c55cd4687eb08ef38cf6724fba5ba4fd12f96a81c06488518

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c3f43e790c8b08dcbde77d075cebcee

    SHA1

    d600781eda1af3e2056318d33fb611ffc74acbfc

    SHA256

    94dd04cfa3b6e05cb3801c2ace50c5272e2c684a6b4dc0fc869a94e827817cdc

    SHA512

    96ef2dbacbf23eb8d73d6787219ce32b9fc5a8578f5b47c817f525a24e349db76a38de93142cc69f2ff9c186d9e0a450f9a9d0e6113127bf4442c711df8784c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e4a069e9af5f90a37412dfaf8e544ae

    SHA1

    a8963f7647a5bd8359d7ca208a0d4eeaadbfb482

    SHA256

    b9a91cef8e2849e9ea6579cc7e07712e2ce6bdced77d6cfae4a19f5599917bd5

    SHA512

    1de22af8e31aaec1dc204120b21ba6964b92e2427bc6a3da23a4776f0f5f89cd8ac4407151c16471d5191ac30ed38d13e165cc7385e1d0a6664b0248c65df168

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9dcbde257c655f65fd3e60768b4933e

    SHA1

    6a2bccb10afcc31c77586df582df1970ea463860

    SHA256

    ce21280f6289941f81b4f813819653b95f94a4073d3c04d518ab9259943cc21e

    SHA512

    f643f711dd8c13e1c79d8d7625037d59189b920e1b2592d7757944079f63abdd87ae32e82447bf2aad99e0a94d20cc4de3ef4e41e5373754f5ef220a91cfd848

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f3ea6b2f20e446047c6911692867f7f

    SHA1

    691c7f625a6c28795dc51807b1f3ec77a4f50d33

    SHA256

    3da274403275f202bfc9a7a651e5e12bdca4d50bf3d41be030aab939086f675e

    SHA512

    a20ac2da9c6e6a51c284f2ffeb401a4b0f51a84e1f55b5f20d6a5ae029bf0e0242a52a65fdb3eac96aabe6d02728345ede76705bf654c5a3f88d086df33dca8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbb2ab82903d4616218a22ef1661a9d5

    SHA1

    70a8a25ce2a2b3719fcd55e2f1d7992ad5684efc

    SHA256

    e0a73a03b61400bd2dd593da8e11170465b0a010e67a7ce9908d4109767b1e46

    SHA512

    27111e1a095986e4a6d65e1509c7fa9719be653f2baa39d4a5937ff8e32ec52c973d6462c9d00878ea0d1a619128b247295cadcef93f7dfad822414411b75869

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9D3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF81.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit