Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/08/2024, 15:05

General

  • Target

    thinkphp_2.1_full/Examples/Blog/Tpl/default/Blog/edit.html

  • Size

    6KB

  • MD5

    2f62577ff5d0dfbe7fe543730c7b0132

  • SHA1

    866193a1958747365ecb4ee6d41ea8df25ba1620

  • SHA256

    879e4fd520d0a4d6f5d24706341e008aaf29aaaa8352f8d42f34569f029c3429

  • SHA512

    d4e48b2efc0c62b2a017195996b7690b6ef36e8ef31515cab4e125da954606d3fd240043568d28e1e64f9decd0e66c19dfc2074f6fef66e3bb081193a5464d28

  • SSDEEP

    96:CQPxJRAx97gmoz8Y5RXJABXsQCu2R+nEQsy5AbnbBD3JZUY+f3oWnDU:XgEzzNGBci03ZY3DnDU

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\thinkphp_2.1_full\Examples\Blog\Tpl\default\Blog\edit.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e84a466fb41aaab369664d955ae23f6f

    SHA1

    cb1101d692f6abe7e0bf3d9afcac46db293c5b34

    SHA256

    dbf4c42b0cf71b2ee18c7f0735f583e3023c1996d90c8af389386e709d49454f

    SHA512

    7c711109cd5d390193e7d51d3c045863e2e00fc787c5aadf571bae20a722ce1c466f051add2ce1a98e4dc74a098009119f517833b6d3e1180218d5670add29bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ae93d1f6e97e9275a47c62759803c51

    SHA1

    b17fe58afb392d2d36c3c2aaebf8345f79da3e04

    SHA256

    c2e66ab05e255d041a6667bbc05de6978e6e23ddcf4d8eccfcbeb8a6afbffba7

    SHA512

    994b3aa019986f8ea4a2d5a95db6ac9412b24dc3a1610384cfb97a850cc055b2478bee0425912b0b75d8d7b3528cba9fad6c56ea2faa0050d09bce9de4d1ebc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12a206dcd0cc63c013b0144ab60983c6

    SHA1

    ea2d753fef7bec99b7e338c172d2059fa8f4d35d

    SHA256

    7c8f1572af9312c497fd0a515655cb7a0f3521dd2115943442c814c5b83d992c

    SHA512

    ca73b4badea7fa8cb65169a5f10840f8531bc2a865de755004b537ec8e1ceb99971ddbbd23ea102d0ac5b7d80de97dc81043f2d98cd9da0cb7a5b2b486513e68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7eae169c42a50ce2347f2b89bc4c7381

    SHA1

    39cbdc8ec5fe6346d28468def62013650a7e24fc

    SHA256

    13d49fd2272e6b778ba2ecfb1b23b9e51bc61ba8d6631fb67764124d594ed97e

    SHA512

    5c04c13dcd2ddb736e1cb7f98040abe53ddc431aa3bf5da61c44258a5ae9ca43395e2b835210847c260402cbdca8a5df5361d80e88aafa3927bdd2cd33d6d01f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    508f2725b9f1252c9f7b0496c6c3817e

    SHA1

    aeb52ab31054d1ae562bddc78cc4278017828ca8

    SHA256

    e836f88aa562cef449c4bd0fa0c34932a700a030fb7148588e240278246228f6

    SHA512

    5977e78481ff203a2a388065febab8f23274cc6df11b61cea86044cd0c623a4cdf07d1cbb4c13698efd3bda3b338c02dc996548420bca37fb2c666178442848d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45ace4ea61566c89bcc27f7c183562d0

    SHA1

    e9d423da110774ec7c21de49cde67267b56b6bdc

    SHA256

    86d645963c0d9cde4585b04ed31267386ddf5e3eccd8e22c5c5eb833d98e1e73

    SHA512

    bf9e533102475cbc71d8986d4713f5704fb21b7caed8f16584ce61a3745d5ebffd9519b3ac2a6dcf6c60804a02aa34a35871f0076e1713781311b1a682f35750

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e8125df84f714742918afe87163f3bf

    SHA1

    5b7d3f7a2e37935152b5d20b7ab6161dcb2852c6

    SHA256

    17d98c8110c8dae6a9f6f25c52a73b053c6e7d66abd5ad187aa5d3cc70f3a915

    SHA512

    7eaf11106ada157f8ce6847466be9a3ea38df962a5bfbfd584f3c95edb5b1c451a2de7cba12a0834039da1582f1a1a9d0cad2f1d6150fe547380059ff7e2a0d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ca6847a132d316033b3741ff06b02ce6

    SHA1

    6c93a92d709deffd2cad454b9cdceaba2a80e85a

    SHA256

    d14158a87aa0af40456d5764759d5903f927aea043baa5b8aed90dd2e76cfeb5

    SHA512

    3d54478450c176ecf045d0e7a3b9377b790c9f28fcc8f749003b9487aae537e8966c067b32319771127e1f93344f68076e746dcc81231f7a65e459fa2ff947d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6985d1a3632652c548cddef913570abc

    SHA1

    7077b39dc9b090860535d81312261b6912a28f37

    SHA256

    601b9069a36f643c2ab69bd9c2b56d8239ebcbb3b6a67a9bb64133013a16b5d4

    SHA512

    218c8a94695e131259ce8722eec2688f9c8a236e4bc72cf9bb47d0fba192e11a68b6c0690ddd999c0d89a598477f687e8cdaf7139b9b485850fe4ec9950fcdb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5ceaec41fd29675728225f3f9b4a0f7

    SHA1

    697d8c3d5a519cfbf69294088e5d3dee73b9e98a

    SHA256

    26cefae95a76fa3d7f4ac2da158ff0bda2ca7cacf21018692734e80ba8a4b61b

    SHA512

    8d1c9b6dfc0006cd82a07ed84bfe76cc4000487a6386c26b383f2a38a16eb18cc57893ae00cfe403215ccd28346accacf4bae54db9f5cda285e6688be66c10a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e324022465f55c2759154ab4f5817486

    SHA1

    4c3cb1203f8a0a9805d36ff07b35a11a096607ba

    SHA256

    63265ca8515bc22bc641e026fa80ff0a2bf4631574eb54193f444148bc77bdd9

    SHA512

    05bd6e4d85603dc05b9b188a43721452ba89eef0ff98e5b7502bed23eb8e0db2b46660858a8854dbaaa2350f9bb86dfedc24cda676057895c61ed71c7ca36900

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea7690c300c38ca9b4fc5268e5452424

    SHA1

    825418f32d631e43bfa9eec18e45da7fc9ecd6ed

    SHA256

    9b800bf07a4bb4b3110817732dd39d737a12aed62bebbf551dd083caa4c62c2e

    SHA512

    c7a8ba993ca4eccaec7d089853e5514d36fea4fe9ba6958ffc8a796b860846ca82cada0545145c0ec025b5e603905aa3f33dbaa00b117b79aab26260cb1cbce9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ab1a5381ada7a98ef6c24e13d9a2a3e

    SHA1

    736d474157d79b53623378278111875a2bad8386

    SHA256

    d03cdc6fadc04b385ff21b64e0cf6c798dceefdb87860b66ecac396bbb1ff9d1

    SHA512

    2ca34cc4c59fb05c75dbd715beddf66bf8373ab00bd36b3773edb61dada93b1346c921192f3ae36e1a51fbd5dffe10ed3decb8893a046d903630f1ef6adce81d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96d86fd1fd1f2f5dabd3be8b8259da42

    SHA1

    39342657ade9a8b1136bda5137f72f4e50440e3c

    SHA256

    4ca21146b6f0b3be04f71be32ca64df6e51f0e9864245e14d8e2adedbef8e9e2

    SHA512

    def86e1f86bcb40f1ff6219280b587f2223ecf8807ee0c587e0df6a0581084077b0a3a962d2526ff882594a33e80500b79f6a2c1000bdbb349d50692b3a5d330

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ca51c4b85c2a2d5407c42c2d75b1fe1

    SHA1

    1c8cbc944177f6652c1211fed83367ee201942d9

    SHA256

    51a1341f9a646131ec49491740f6cd1b246d5ba92c138034a8a8bf1237e16910

    SHA512

    774d52c572b5e24d62601e580b526581904bbbdb395f26f56bd89184262e20f6c6fc9d56a850d56a4ea11cc717dbefceb6c66d508eb0f9a1a4568f069e0e7d6d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9cd04a8b50dc9e092c57b0b65d8cbf6

    SHA1

    d123fb023b914f1d6067ba7397fadf8733c3be21

    SHA256

    67a1a122aeddb2edf09a67c0a673bc7fd5c0c9cbf162aafc2c9ae409b884d365

    SHA512

    852f233c60b74604311902f663dad665a70703301a004ed60aac6b9192a4d3a2c1616adfe96067837f024f3cfed13c0728129931bb83d6131b6a1b5c8d0632a6

  • C:\Users\Admin\AppData\Local\Temp\Cab284B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar28CB.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
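The process tree and the Downloads list above are easier to read once the Internet Explorer tab process is tied back to its frame process and the sixteen identical-looking cache paths are grouped. The script below is an added example, not part of the tria.ge report or its tooling. Its event records are constructed from the values shown on this page (process command lines, PIDs, file paths, sizes and MD5s); the noise patterns it applies (CryptoAPI's CryptnetUrlCache metadata and the Cab/Tar temp file pair) are an assumed analyst heuristic for what IE produces on its own when opening a local HTML file, not a classification the report makes.

```python
"""Triage helper for a browser-detonation report like the one above.

Added example. The event records are constructed from the values shown on
this page; the noise patterns are an assumption encoding what an analyst
typically treats as background activity when Internet Explorer opens a
local HTML file.
"""
import re
from collections import defaultdict

# Constructed from the page's process tree (PIDs and command lines as shown).
PROCESSES = [
    {"pid": 2732, "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\thinkphp_2.1_full\Examples\Blog\Tpl\default\Blog\edit.html'},
    {"pid": 2832, "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2'},
]

# Constructed from the page's Downloads list as (path, size_bytes, md5).
# The sixteen CryptnetUrlCache entries share one path but carry distinct hashes.
CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
FILES = [(CRYPTNET, 342, md5) for md5 in [
    "e84a466fb41aaab369664d955ae23f6f", "9ae93d1f6e97e9275a47c62759803c51",
    "12a206dcd0cc63c013b0144ab60983c6", "7eae169c42a50ce2347f2b89bc4c7381",
    "508f2725b9f1252c9f7b0496c6c3817e", "45ace4ea61566c89bcc27f7c183562d0",
    "4e8125df84f714742918afe87163f3bf", "ca6847a132d316033b3741ff06b02ce6",
    "6985d1a3632652c548cddef913570abc", "e5ceaec41fd29675728225f3f9b4a0f7",
    "e324022465f55c2759154ab4f5817486", "ea7690c300c38ca9b4fc5268e5452424",
    "3ab1a5381ada7a98ef6c24e13d9a2a3e", "96d86fd1fd1f2f5dabd3be8b8259da42",
    "7ca51c4b85c2a2d5407c42c2d75b1fe1", "f9cd04a8b50dc9e092c57b0b65d8cbf6",
]] + [
    (r"C:\Users\Admin\AppData\Local\Temp\Cab284B.tmp", 70 * 1024, "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar28CB.tmp", 181 * 1024, "4ea6026cf93ec6338144661bf1202cd1"),
]

# Assumed noise patterns (heuristic, not from the report): the CryptoAPI URL
# cache used for CRL/OCSP/AIA fetches, and the Cab/Tar temp pair written while
# CryptoAPI processes a root-certificate update.
NOISE_PATTERNS = {
    "cryptoapi_url_cache": re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I),
    "cryptoapi_cab_tar_tmp": re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
}

# IE (LCIE) launches each tab process with SCODEF:<frame pid> CREDAT:<n>.
IE_TAB_ARGS = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)")


def link_ie_tabs(processes):
    """Map each IE tab process to its frame process via the SCODEF argument.

    Returns {tab_pid: frame_pid}; frame_pid is None when the referenced PID
    is not present in the process list (a sign the tree is incomplete).
    """
    known = {p["pid"] for p in processes}
    links = {}
    for p in processes:
        m = IE_TAB_ARGS.search(p["cmdline"])
        if m:
            frame = int(m.group(1))
            links[p["pid"]] = frame if frame in known else None
    return links


def classify_files(files):
    """Group file artifacts by path and label each path noise or unexplained.

    Returns {path: {"label", "writes", "distinct_hashes", "size"}}; "writes"
    counts how many times the report lists the path, "distinct_hashes" how
    many different contents were captured for it.
    """
    by_path = defaultdict(list)
    for path, size, md5 in files:
        by_path[path].append((size, md5))
    result = {}
    for path, entries in by_path.items():
        label = next((name for name, pat in NOISE_PATTERNS.items() if pat.search(path)), "unexplained")
        result[path] = {
            "label": label,
            "writes": len(entries),
            "distinct_hashes": len({md5 for _, md5 in entries}),
            "size": entries[0][0],
        }
    return result


def summarize(processes, files):
    """The findings an analyst wants before reading through the hashes."""
    classes = classify_files(files)
    unexplained = [p for p, c in classes.items() if c["label"] == "unexplained"]
    return {
        "ie_tabs": link_ie_tabs(processes),
        "noise_paths": len(classes) - len(unexplained),
        "unexplained_paths": unexplained,
        "max_rewrites": max((c["writes"] for c in classes.values()), default=0),
    }


if __name__ == "__main__":
    for path, c in classify_files(FILES).items():
        print(f"{c['label']:<22} writes={c['writes']:>2} distinct_hashes={c['distinct_hashes']:>2} {path}")
    print(summarize(PROCESSES, FILES))
```

Run against this page's data, the script links PID 2832 to frame PID 2732 (matching the tree shown above), reports the single CryptnetUrlCache path as sixteen writes with sixteen distinct hashes (one file overwritten repeatedly during the run, which is why the report lists one path sixteen times), and leaves no path unexplained. A path that fell outside the heuristics, or a tab whose SCODEF pointed at a PID absent from the tree, is where manual review should start.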