Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

SceneryPremiumV4.zip

windows7-x64

1

SceneryPremiumV4.zip

windows10-2004-x64

1

PrimaryAssets.json

windows7-x64

3

PrimaryAssets.json

windows10-2004-x64

3

Scenery.dll

windows7-x64

1

Scenery.dll

windows10-2004-x64

1

SceneryFN ...er.exe

windows7-x64

3

SceneryFN ...er.exe

windows10-2004-x64

10

SceneryFN ...config

windows7-x64

3

SceneryFN ...config

windows10-2004-x64

3

SceneryFN ...er.pdb

windows7-x64

3

SceneryFN ...er.pdb

windows10-2004-x64

3

Analysis

  • max time kernel
    316s
  • max time network
    321s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 02:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SceneryFN Launcher.exe

  • Size

    1.6MB

  • MD5

    33c468a10d45c4d09d30282aaeb0d543

  • SHA1

    e7cb8cb9d4db1bf7c0342f9e5e8ff40cbc8e57da

  • SHA256

    8eea98d14907d0b1e73f64998ab88edf18be07e1b9554b6076c4f84f05a42e42

  • SHA512

    5f6756c202696a53d3994d76b5f288e60a5497f130d0606afecb82da5ac355d1372c2976997eb96311c80b2d6187ab0dbbe4fa1ee904526959bb123bbf396a0a

  • SSDEEP

    49152:z19zp6mePSe6IOu9h57e8RPEkqXfd+/9A9TSanieKd:ZXaSRduz5SoEkqXf0FoSW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SceneryFN Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\SceneryFN Launcher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=SceneryFN Launcher.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2396
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d1febc1f63941c1e941aaa2be8c615a

    SHA1

    d7326db26478b87a2364e54e089f1a8e6be0d679

    SHA256

    3c3661568ccc5ce07ebd51974895d74006ec6929abd0ba44dc62654aa571fe2f

    SHA512

    94fb6737bdfe23d64442268d4c89e93dcb6f0f3b4f1e463c23956937388ad0f6d2db9da8c4ec9a4d360535712738cf382dd660959e31a8ca0abc5c484fa32412

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    107c883d0f3e46e54b91e32a27c53f94

    SHA1

    b2028c2632b9c714117ac599378e9cefc01d528b

    SHA256

    47dbbefc74ed7e041c77cc14bd94b0bb967f59369dccce5dc3c5323d5d9a7d92

    SHA512

    a749c97bae8540bbf261bee8969e1a63cc1d7c8eb6af5ad908ac8a13bdcf00573304f44c79a429448d35533216c4be40a8a9c29b7c2fd3d4d63dc52100c3d53c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a764cb62bbf7952896c3a96e868bb3bf

    SHA1

    d1b9ddac14936ab3b6306eebc834d7260193ab1d

    SHA256

    4b52d815f48c733f3ad2b0f9124340d9ef6b03b431dcd83a0d3820e823ae1f67

    SHA512

    3b89241827adf47dbb476ca72d1e63662159a42238fff93f11f22b47413d9927612a40e3e53dc42c1b0fb606cc981d9215afc35cf75804418679353fa6c713d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7ccddd1faab32de80f607159ab3b253

    SHA1

    1c1c8660aa9c15a23f66a0443364f6bee31ba7b2

    SHA256

    f56394d9b3cc8fb060279e3c37cb28f51bde3806e551f227b171bdd2876a43bb

    SHA512

    86080ac1d998b84466b806422ef3ec3610c3068ff3e338964eefcacc4d953ffee9ba3a96ed125359be2e82851143cf964e5c0dc3153c4d18056e32d928098e3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec2c0e8625bae021423e5b6f0ae451b4

    SHA1

    aa76efeb4467dafe6ec109d05e716267349c93f7

    SHA256

    0adada41e26dc31b1a75e63ab2d7136cc2b3243b6bbea55eca87eeea40551ac7

    SHA512

    088e72aac892f29f51aeafdc3a19cdcd287c55972bf9ec90804c5a9efd276df8d0f174120b3ebe30fccf1479e34522162d7d8c2900035a2acb1bbe9b2eddba15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b892b04644a245e72e79a007ac65257

    SHA1

    64af7cc30b8b98c35fe511eba25f683276393ec0

    SHA256

    ca6409037e50d379c7ad8636ab336450a9abc77e54edf25086107132076363c7

    SHA512

    56f1e9cc2cb7dd3082207318d44f259a1108714fda0d47a197e6ff5b8c6360efe6a172a3b35f86a643ad3e6bab58cea09c24cd970aac20d24054f81794e9698a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ef3446fa98a85b1d555f55d41bbbeb7

    SHA1

    df7706ea4881beb0cfefc7ab512a97b800f88401

    SHA256

    09a2c36fc3c536ba685106382c8a4d56c63dc2adbe584a948575c448ca2781c0

    SHA512

    f3a5acf5f34c140448a8f1f1e5cf6114c75a9ee70ec98ffcd8cbc83ddce6a138606603b1bf370ee1be13ce4f952dc0b88ccfc812fbe5d178f6cd086f6d065a81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    daa0b7af0da07af4f697c6694a9c3e30

    SHA1

    9782c0c65355b61a9ed10570e57653beec8ea25f

    SHA256

    1cb6e8420027b1430de79c3026a59443012eef5c7cfab8c9cc5bc6908206ede0

    SHA512

    4cd61fd36cf9ceb3fe44b75d912fa86929c79e7aa19e00a1b90eddd2d7b53d02e32e2fa8da6d7496675f28460e124c53d9e75fa366d71d32b06d9cba043b3b9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02c60899795d85b1c62629ef3b4cf5b9

    SHA1

    e7a9030e2e43a49ff651d8f9e281ba738f9bd03f

    SHA256

    08b238f4a9dd136d58cb54e05599ae26a3346b3f52962a8034eba38f72de097f

    SHA512

    83c0a9078c400b197fb2425b2ce7ea91eab25071d099b20b5ba7c3d57534f8d0b87e22e65e7c1317c643d181da9991683e9146dd588e2c6b8922023c37ddd551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    334ab7c84a030867e787c5993e8f87c6

    SHA1

    c3a624e1b383a6e2885f9814f41ec49471726e00

    SHA256

    7be4bd149726953cdd0803fcd777ab4a581ee839c701e9f27621eee2b84d80e9

    SHA512

    35b69d1d3f34fb7c10c2c7536fa6ec17ebca3178563066e5148d91bb3a46164e0c93c780d859fd0241c672ab5fa274bcdeb92c5b1e361c71addd2a6e2a3c32f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c302d020daf6c9f77c3f2481c830691

    SHA1

    4ae18f8aab717269ffd04914fd5174404d5d6609

    SHA256

    51a2ff7c9786a7abba17485ce6d84d0e3ebbbda1846115d42ea75c3926e2a66b

    SHA512

    0b14e0e27232e56c88a42dc4810a15994581cfe7c34105c2a351fa3c2d331a47db961ec2f351d59bf0aa8a3c3cafc85faa23a18cbc317c8d717c2d0e21c7f620

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a90111b6d12afffd08a4b4dfc38e1bc

    SHA1

    c0d106e7282b9c69c3f48903c1c9e58bcf35823b

    SHA256

    b4c2652d2f108f12854ad78dc2700fb04ab360e7e22951cd143a74aeae004b89

    SHA512

    151097dd373ecb47c5b6f48ecbfdd645497249df26feeba0cd90c4adea4948e94a5919a0945cadb7a7516c47fabaa290511f7ac763a14e16be652d7ecba9b252

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78466ae0521388d13e7850fd74821cae

    SHA1

    44f95ad62406995289f07d69b0c0f1d2944b140f

    SHA256

    93d44e10c5f27f43704ffd15270f44b375a9f05cab264a6f7bee305241d42701

    SHA512

    85971ddd0ba5d697bb3d4e74c2cccdc4aabb4a332a325b3741d1c91dfb4bc84d806884cd4ac2fa1b878ca028d00c8f31cade403585436daeb716d43cf96c94f4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAF45.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAF57.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit