Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

aaeb835592...18.exe

windows7-x64

7

aaeb835592...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

MSS32.dll

windows7-x64

3

MSS32.dll

windows10-2004-x64

3

Oasis.exe

windows7-x64

3

Oasis.exe

windows10-2004-x64

3

aminstall.dll

windows7-x64

3

aminstall.dll

windows10-2004-x64

3

mssmp3.dll

windows7-x64

3

mssmp3.dll

windows10-2004-x64

3

readme.htm

windows7-x64

3

readme.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 11:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    readme.htm

  • Size

    15KB

  • MD5

    c0c5883731fe58bec4b6645ec64d42af

  • SHA1

    9ddf7a6f07c3e4791ab1bb20762c5eb3999163cf

  • SHA256

    5b3f01b6b57ca1009205f873e263428677949824f7bcb269e91a26be026783d3

  • SHA512

    645ed592405c20699283e9da51a4042459c0563121d96664de2cc66a8846061750a017616a87d2a31e7a7407e5061fe08b02e19766f5efb6aaaef75cee39d21a

  • SSDEEP

    384:MtrnIgYqHryZVrrdxrfRtrTfrIrRr8rvMh/QCrY5nio0ReiHQqBrwdrilrC+NrKK:MtbQtPX6hI/niJReiHQqSU0+6v45

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\readme.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1800

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d079d8cc399cf9624aa084eae44e716

    SHA1

    f19abc083aded781cbb37adf8e47db253c07cdbb

    SHA256

    f10072ff359225498c43fc7c58f4c905b7a3c91d9b83e9f24bc568d9ac4674f8

    SHA512

    2cdffdbc51630af71b6f2e6a4bac6b79f3f6b07db4593783646c05301a21cac24f3530d6626bb5a368aaa8a08b308f12d7b08185a485b2521cb331d0f22aeb9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42b96815d203dd9b7be11bb638fd5c93

    SHA1

    899b783b60c1fbd932fb11b90c958d24fa858332

    SHA256

    b96e9061497c5712fc7c713240d1876066ff183a3872f537b5c587cf1c00ab31

    SHA512

    e5a32fee478dbec52e468591e3cbcb03707762978bb8d34a92111b4bd267eefd3a8c4006ae77354d80b260a406604345052a5bd29458f5d836bf056ea134d1fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    333a280509a34d398112e4755cbf5ff3

    SHA1

    28df89a4e79ffcc59a11da612315cf0fb39a1aad

    SHA256

    fd4dff6cf6ee9ceb3096556b0873f0478af51d981de4e400962c5025fff7a819

    SHA512

    4e3969493d43616cfb3d7f213122e9e6f5cfca9b51450618b1ba1c683b4eee90918072374fb138f9fb0a78848d01b8b8f847a304ad2ed38be106a8fdfee766ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a70f0bd422c97931e0fd09e4266750f8

    SHA1

    b7de02545dd1c9b42421bb109f78ec5a438c23f0

    SHA256

    7558e8a97e5555fd33674276bb2d8c981a6d7ed7c788cd19e614e45c4325e805

    SHA512

    1104dfbae31430293e309f81fb5351b422cf1c2b45355b933df62daee03d187562aa4528bf3731ad61dc39da412ad346b46de92c74be0ccd96e5caeb65b03e00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75e76bfbe844f3598f2fcf1ed6f09fd8

    SHA1

    e3d06c25ac339113b5091e360944a96fb1199948

    SHA256

    2af2175c6a2e838ef47e6b66e7d4f407b6b9a4e4e50892c3f96dd87358f5d1a5

    SHA512

    7d4d82d77f0114fc19236bb38e281feb3e4907b1d7d3cb28e36e1ddfa82859c97ed5b9e876580e09f9170a91d4627e22406c33118a6ed3b2c61c4429d469fed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49d07b5c5355a75664fb7fc6e1d64b2c

    SHA1

    2ea4e27d02e2010c4c3d2d5c07b8722a5d58b3ea

    SHA256

    788ef19607a1e88dbeda46fc5a2e91803c59fb9f3be2cff4dcb339a2adae2c59

    SHA512

    846de224dfb3f4c33ea49dcdd0adf52123951558263908a3f3b26909ed5aa63cce0b9734b604f8e655a4e96c162ae0831aea975ab0afff30a49d7359787fe387

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90b19041329c7390d3b3653eab8bd925

    SHA1

    a2d5b656fa0f70e948bce5b544cd3c6abd4b3245

    SHA256

    908458772456a4af05d02ea8fa25a419db53b28a78d18be76ac503c459d33c5a

    SHA512

    ed0b28596f98b1267900e39384559ab7467c23b1c756d27e802f92bedc8c742e1da1d005e3436053fc24bffbda7660a67e5492264269aae63d4b47c2d0010ebd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7157f8b82a76f68d500ce449cfe75f01

    SHA1

    9b7620b566861e4618c78573ca0daefa95e9a18f

    SHA256

    845db82262726a2240740acdeea96a15e85d2b73285639ea712a498192448da8

    SHA512

    4b88527b59e1d32d952e045b441a2814d8b870662cf150ab1d3e121072fa930f1d5f316a56f868d913dfdc5748856aea056f967de7abce8ac075c612779e6399

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48b265b83b1650cd4652ae411e52113c

    SHA1

    eed115b3b69c4c40e32bd6f0c2ab608566721cd5

    SHA256

    3134169998e056214350e1ffa4095064dd172a7af206313db80cc56eb133cdbd

    SHA512

    6f18635656d9ca5007cc555a4d4bd436a8ee30467a1f9c374d9acf60edc4863b452fd16ad7754aa5c2655d450ead9386ac61ca650492db2bd7025cfe23006725

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6deaf68388d9c5d860ed3824b44ca6e5

    SHA1

    875f5b6ee24882ff8799ad1853d9c04bedeaf050

    SHA256

    3d2e5651e93ae0ae11190618e39edef84e7c6de3f5b0e9b754a9887cad844289

    SHA512

    ec30473d3e736d60c00a0b8d32c550b5470ac6b34f7c748420f360d880b22639c4c8a50b6bc4b116087998dbda7a22e14598815368d1d92cf5c40b330581607a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc09d793464941bbbbbca51b13aef489

    SHA1

    b30a3214556eab9cc7556b98eec5c665e47901a0

    SHA256

    2f11e6e5f04365999b866753fe1a17fb8c7500c10d04dbfc6d790699a4ef2eff

    SHA512

    8856495abd4f9beb2ea5dcac1e5bc3d0363ceb0ead88aeafb60a9098282bc99835228dcabccf596bded75d246a552e2848bddf23c11aad0ae1a7dc39a8fe674a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6C8B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6D69.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit