Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

b56c56415a...18.exe

windows7-x64

7

b56c56415a...18.exe

windows10-2004-x64

7

$0/Resourc...d.html

windows7-x64

3

$0/Resourc...d.html

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...n.html

windows7-x64

3

$PLUGINSDI...n.html

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PROGRAMFI...gs.exe

windows7-x64

3

$PROGRAMFI...gs.exe

windows10-2004-x64

3

$PROGRAMFI...ot.dll

windows7-x64

3

$PROGRAMFI...ot.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    69s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 23:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/eula_en.html

  • Size

    11KB

  • MD5

    f8aee788c2a09699cd4d607e1db670c8

  • SHA1

    6457b766f043d901a6dd204d00626c4bea02d503

  • SHA256

    503477569d8a48c47c4febbfd4ae6d3cb036856432c8212dcb0226580e7034c9

  • SHA512

    424ef5a4f2653b27b3ca921c35e5e36f28c41ddfe9bcd6b5aba7968d87129826770777fbbfcdc78fce8512c1dce819be0e355282d4a729580591ff296a751162

  • SSDEEP

    192:CuJ1IwC9cgY49ui3RkHXh4Uy0nzlb/1J3GaocWtS3oHoPho6Sxj66riCmQ:PJCN9tY4Ui3ROxJ1d/GBtW2xj66OQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\eula_en.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2564
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2564 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d4880904495e4e8be1b49f391393a5e

    SHA1

    9c84b2bf9dbc57eead18f4e9fc96db79f01ac890

    SHA256

    65e6d1037869c79d7b795a0197b908eca4c01ae35e526889445eedb3dff75461

    SHA512

    a5f64fc458b4d899c89889c5c579f14a17335e33a61f906185f975486390396c71461f93c9dce140feef6531e40d6a15fef0b9f4f39c014a5171e2340f67c13b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    145b714231c81c55bb760e3d9a278aa1

    SHA1

    89adb31db9a93f5fa42bdfb7c4b6eef69df74eae

    SHA256

    951e4f3128dc10bb23f438e24c3988d5dc3ced558cf57fb7ee18a221b7199d1a

    SHA512

    4939115f4efd10786227498e8795e6c1f1869843ddcfff97a340d6f58ea11ffe87546f16fba8646b22f8dc4bd1378c35641ccdaf3b30552de7bbeb41cfce88b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f21996179c3f56691aeab68e98e9e2f

    SHA1

    8100757a39c031257c87d4eef5d93c64046fd348

    SHA256

    a5d5ab8427a5edfe31bf8d8e98ce843acc7cf0e64cca62e5b15e6ea20445ac2b

    SHA512

    aa8c780c60ca635b966a193edeb54d035c896d82f3d45f3ec5091ea7eda287c3260c22932c7689df82afd75a5ad5cd97201eb0b6f09d8853c41b3508df7e569c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a7a9d4d2b8187106c2e4d3d76d4a238

    SHA1

    96c31dbba32aa18ef64671296f0e96845b84e1f8

    SHA256

    faf09e7fa0f6577183f79c878eaff39b6208ff912c22bfc7bcd58886c5397ed3

    SHA512

    4dc653f283ec52ab8bda88508fc469940d55f5227deceb8e678a1d9db84c63b3426418141e332c2d1bd0f73dac38a1e4b8342e6356bf0af7d03d8232299a574c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6dcfc46f3210ab2fbc3cd9b52fe6c10f

    SHA1

    ffaef5ece42a0a9b3ab6a7cf32dacbcac0a76272

    SHA256

    fc63faa110548cd5a0419758560ede45cfed848769167ed26f7392587d27d84d

    SHA512

    4abe7a859608e785e6447fd75907b7209b1125904466480fd211d793bc642f37af43786d91c04b33fa0a83177dfca7e40f451aaef5073fccf16b9b758cab0570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7594b8b29ea988a2654d467c5dbb2e6f

    SHA1

    52f20acdeff71ff6a1b7e51f71a0e8edb7e6268f

    SHA256

    3fc566bcd7b8b979053467ac03a553f26e40bfe4df6e04357c0d9816161e653e

    SHA512

    578a1eba0aefb71e3e26ec60ba52591f68ae207f887624a18c2be94c4f24ad57db6522453e969edbee3a617c381cc4a8dc9417615e9693aa9be0121b68b09d8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c3282a72cf0b12e87ce10c519005910

    SHA1

    7e0ca2df6fe4d64fad1745dcc0012449f47d9d4e

    SHA256

    681fe24018793616c67f305be91879d91982c0b86e10174943764eae0f9998e1

    SHA512

    53c1664e68738a3319db300fe4f7d3e5b52cd8b5278a9fa7582d788cadc089e762dea40b7fb2b04a82d568f6f71fd3ac21d5c05500866bc92a8f9012c4ab8649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da4bd0cfb8888e1007f4035e508bec6c

    SHA1

    91148ea01bdb1f0fa41594231e153277b8491ea3

    SHA256

    e78e841668ee86f0fee2915aeff88313d4ca1afa9c7ff09daeb985c8b8fa7c8c

    SHA512

    493a3e079575e470ff29031b07037a6f9fa7c908b5a4e3c8910725f007bb8fda59e72f1ba1cc44161d2a8d688107f65fe086031cf938bbba8a06f87fa61eb93c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    765b08ff98dca5439e5685b7f70b619f

    SHA1

    989650462b7a69454b1f1afb683b8a7af0cd5866

    SHA256

    a341b3d3a9cb44425f1b1f30e71f4e01c09bca6878b3758ed8e86d3557beb194

    SHA512

    8f1ec58c3d7d8b61711faac76047c72ff491d162afdc1b36134422e59865a7bf98e01f862470d35ff4bfef42100a231f0c82ab09577ffe5d462963cfb2c4a333

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee0dbb50494f96b634e26eb399471c2f

    SHA1

    5f3db248d4cd2e5db04d95a5b9045eecda80263b

    SHA256

    a9ffbef9cae4dd580cce32bdf99507a10097cd7f4982714c3b266fd19c03793c

    SHA512

    01a013e7f378409a7be5d14d5b093b128a53c1ae17373faccd89646ff5e87be44154745e39797ea606f900d712caf3757a06a834f01d8df5ee8280948119f89e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f04009e9f55dd332b0c18f0a91d1cfdc

    SHA1

    3f9159b065423e35898b888dd0e9f34e704c7e77

    SHA256

    25ed32b398685c65dba242b6963d0a69d4bd0f18dbebb8bec1c813421c44fea4

    SHA512

    c80d6aa67b0d8883f6a65b22847c134ac85426a70303c4803be0f9a1b763b61f9cc8cd1f62c5974214039ddfa786f55109b404a2a40df14845a976067f461ae8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb2ef846a6db50cd77ead4b0ee5b9131

    SHA1

    867c78d2bb7cc0197ef33685fd1cf5b9ce4f0d5e

    SHA256

    4f665703fcf02bb2b77733347db064d628472b85aee38fd5b2af7da9a6f283a4

    SHA512

    605d83cc8098acbeb549870511733236d3bf3613da692f9d62c57fe975fafc161917faec39dcdda295d9a4fddf0c038bfae10e39f36ff7f7c97708465af120cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    357ca6ccd09d5dd0960883693772c787

    SHA1

    cce01f97c7c92c8670e65f050eeb6969af06ed52

    SHA256

    1d38db221104416435d4d81b3a44454766fefc30d85ff5842166a19d3168a3fc

    SHA512

    ca144bf3b9b44cf02bf63cbc6bf07f7e90188bf254f74b109d1e8efdf4a56c0a9e2ef3f0660638360a7a34946a249b28451251b55abacb4905f88ba3a2bae985

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eaf0da5bf568a068dc857cd9117a1ba

    SHA1

    0cd7ab1bbf3377ce1b8fa42e8028be170b1d496c

    SHA256

    6b5da62798b6176bbeb310191c4c30d3460066e10e8b20f098535c554ecb11e2

    SHA512

    aeaec6a7ceead377a824c8a01bb029a0a83ba4d17867031fb245c8e013d4f7e1a03f8ce6c4086bd71d7abc4d694c6da365153408c7b5f072081429d0385083c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b00b3573db78920c4fd95d633aea0d0

    SHA1

    53de201f0da0c6fe283abe034c40eeba52e78c30

    SHA256

    45b1b479650987f124e4a4b8548b3fe4d928494a7325cc971d06578832fc4bdd

    SHA512

    06ec2e802007b539c124d99b08010a22b71210be5f44af377272c18251ef48f658c11431272d99f93cd9e1317a462d90b958ae24380e538701863e08588235cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8b620d1262fcd03dede1ac88fb04b5c

    SHA1

    33e5437ccbb1366c4071715cb4ee12e010524488

    SHA256

    8d2f6f7233b335807026622e8a29056bce59ebffe88d1fdd93cfb229df3f2ac5

    SHA512

    40346e8406dc52f3ff519f9b70d5613ccf089d4aa69eb581e46b9ff63a9d9db2509b27e9183edb2d727554814f23c3b83db01d235253a76ef1e5335661a9f7f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    608e2cdb51b371c72feabf7c38461354

    SHA1

    ddd3fcd28e3c65ce5f60be6d9fa7718db83c3539

    SHA256

    86e97877efd826750f51483f534d9fabdc6ca7ca300da145d5bc432b3771a936

    SHA512

    56d51add999d0ada9733cd40a4bf1de3ba22a2afb087f8380effe00120b333fcc09553e6265e0eec19ffeadbd2419824516010cf47202e7a3880e3d29cb51e87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4ab1c5ae90ebb27a0eae2a8ef0a3e7f

    SHA1

    9324a169d040616b9db41b36222878646dac2423

    SHA256

    eb1f482f275aadf46f71474bdc2d2ff461e0ebea8ed555e5d21014543c2361bf

    SHA512

    8b9643a68ab32ad9bab5bbfc6eaa391c1e8391e6970af540abba35c4f3462018f7614534adb91e3a9fbd4c410b527e2ae8558cdddb060c589a3c5f92cdb20db3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab66A2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6763.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit