Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

rmaildxp_v...ll.exe

windows7-x64

7

rmaildxp_v...ll.exe

windows10-2004-x64

7

$_14326_/$...st.exe

windows7-x64

3

$_14326_/$...st.exe

windows10-2004-x64

3

$_14326_/B...er.exe

windows7-x64

3

$_14326_/B...er.exe

windows10-2004-x64

3

$_14326_/H...x.html

windows7-x64

3

$_14326_/H...x.html

windows10-2004-x64

1

$_14326_/H...d.html

windows7-x64

3

$_14326_/H...d.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

1

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

$_14326_/H...5.html

windows7-x64

3

$_14326_/H...5.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

3

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 12:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_14326_/Help/Index.html

  • Size

    7KB

  • MD5

    07b788ccade690ede943468a13b50e73

  • SHA1

    c5b55c2d561c9891062a493ab06c87f940b850d6

  • SHA256

    371cc9058c95eae49d075be9c569f87026e99d2842327c2132e2deaca7f649e0

  • SHA512

    f3f9808b2da6a46917a76833062bd4aece4aff547da0163ef259311495d24b09f77839f561bc7b7ad6befe4cb717d6e49f98db9cf4b038dcb3c21c5ea2aae1e2

  • SSDEEP

    96:EPHCideOK1PLtcxsJRnnQFVK7MnmsEAfxupTUCLrg:IluSxC99MnZEOuVq

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_14326_\Help\Index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0426c17ff040728b9d06380bf5ed90b3

    SHA1

    a4471c7f238cc7ea0bcf27cc2e4261053285b7b0

    SHA256

    6160f28a79da309974e4d44863df42d458bb2d36ea5a74bc7e8d44b29f4f6d47

    SHA512

    8adb302f4a28e89d5d9c2894210d6da689697440ad3d43f20fd3d1c78df8191a41e5201e1fc6a407e146e5dec89d036932cfb10d45ccc48b553c4997974b3d86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbc6c997a1b849c99d07b2d6c6f2915c

    SHA1

    7d13c5535b01c3120779a66cb3315c7fbcfe3e4f

    SHA256

    61d0697716ec7dfce15061528228972021760550f2594bd674c264fbcceb2a37

    SHA512

    def12149ed2f8c82e71cb7544e610ac695c05f13af6a518b6860a9c595690d51145b9ffb1a715eeb0eb9a8df5a33d99b2f0acb8f6976f5e16d77dc5519e72f24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a53ac42b28b4fd06889dd9b6c146c16

    SHA1

    ff0d8201327c9a2815c9930b6bdecd10c23886ad

    SHA256

    92e866fac1ea9945d1f944c8e3ba4845bbed88fb5dbf9c7c3bb83667cda821f7

    SHA512

    a21e03477b63889f666542f7c5d44dfd6646ab3229c3cefa25ed2ab2d740b9e1ce5deb54808fcb319a915fb295ee4b0e350d9e9ef74443be7caaa8bd06b139e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40902f9689d28e0838be5fc5c843ce1b

    SHA1

    426e6e1956fbbe2b59d0e287d9372d780a7415da

    SHA256

    9ff9aa3cdbb07c69a13834ed68ac83cb3dd33601491cf359225ea38ef3737ae2

    SHA512

    99736f57cdfd1c2e38d91a67298d409ff7d2c8351dbecd89edd31e5e9fc3b1242d72d755395d0f6293e2832feaa0253e797c4dc7760935148b66d3cfb6f4f923

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf19ba89abaae1d5d1000a443f401819

    SHA1

    5fa10c5aed9481d076016e3f6bc61883fbe3bee4

    SHA256

    74ff1c08f9b560cfa87283a60e7e76dad9b65cc27bdfb21a6112c530d0a97cc4

    SHA512

    d892f2e7c4ca773b386b281b85728ee57293674c608d0a12df4da20f4ec866c1e797342feee2836b734a967eb0b7450ddd9599a58d0c49255a8197c92074325a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d10a570d64f608a2b22539d1938de9da

    SHA1

    2cc18cc61c8af4923ebe6b29cc355f5f76c471b1

    SHA256

    73797b67300945a4a653d2b7b4290445db6b5274838a7abbe868b7a00aff9c68

    SHA512

    fd6a45e85026a186622fde02bc75372a266d8cb14053d659a9b7c228f8ad185d346a37497b3d7d7cc58cb68b38e5e44d43a06f1dc1e3d6efc130825c7d8c8008

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1e106fbf57600cfca5748fce475ce1a

    SHA1

    3fa6a7db02597f17659470a8de47101cb204bebb

    SHA256

    ff714086d1544b61a8542f66b1c7c9988bbe83fbcb2f7c67155c96668161914d

    SHA512

    269b5b37be90af933035bd18613abb29b03d89312ee67dc75c6fa2d6d1417f9375efa64671cf79d889161c62e8e77c0115dfb8747a50b34c48815ceb2811157e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2e2c5c2ca8c6197a892ac5300d56334

    SHA1

    a243eefb1756143ea5328cc2fb27c50d82007d12

    SHA256

    803fa4ccf78c9cb0286e70f80c57a4e8f1c014853a5a881de1f68bc1d03c9a72

    SHA512

    324206898733c239c21357ec4cac4b4c2f26b6200163938d2ff5d6c844a6e22ba5ae83f8acbb52a1d3c13d413a8fef1b029461c710ba4e7d55c32c6d0162c265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52ca1b5ccd55f46a5a875207554a1627

    SHA1

    752754ef6ebcbeb0d31d2189ad95673fc16d743e

    SHA256

    061f77abe13b6a8e2975d097fa1c933ddeb628839d3ac4bdca6ce4d361b48357

    SHA512

    875788e50ed40d1d3d8df96de0a7b2576c834babb1f0292bb49e81e90badcc6b001efa116d77ed9c1f44b2b7736876007281223bac84b0ca71db9f2b3b18f8c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d43f0d3a1d236c63eacdda7579ede7af

    SHA1

    0a69f8fe78e9320060d9d8fb30bfb62007166542

    SHA256

    1d3cd16edd0c097d46357b3abcbf192c021a42afc05da2ed0de7d57cdf9f5e36

    SHA512

    3feb911b9ee1404df61a7b1731a51a300f698d03ade09202bcdbfd1ea68a5668e2ea590bd4ef4ee79408c09edf04b698872ebeaf6017675f3c0a1a577da58e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf7e8b5a595165de8fb00c7527225a08

    SHA1

    59ee478eacabce2790fc1fa129f99b47fe9d1e0c

    SHA256

    543dd3774516dbdbe7887b9ce2492f0ffffc6b75e382c53b3c5e6ac482e038d2

    SHA512

    4b60691a7b8ab4a4652cd2127ba0a5bf4bf2f53a8f699a39a0810889e47408215e1d43900fa3d626c93006a729be241aedc7003d10399adb516f08d9e8086a14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    226106db5205bb6fa89ae12cac297eef

    SHA1

    64132eb6cc01049d4557cad04d6ef6b826794099

    SHA256

    673b50d6fdfae11afac125ac46d26dd099c508300c5b664e05fd1f8caeb14a6e

    SHA512

    bd7fb1bfea7fc398b0accd9eac616f5b5e3aab67318eb552833a2b5ac67e18d88033953a5212e4ddd3c86f0a8ebabc50b083aa5b5a0a5f1dc5e6d343b46f5b07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4e00e2917bff484cf229e516cba74bb

    SHA1

    0a96aa6d6521a96a3812643a4e72e43298d8acd8

    SHA256

    a2444ce8083da43ba921c23233648f491a52ad416273f9e066fef2cea95d7162

    SHA512

    20a0f5b14959dbda26739014809deb82452eb793fe081d10b2ee6348d17225e4c441ba285c57070059f3eb988bda6e7b4aaae2d27b15ac27ff7e3cfc59d869f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a6f8b2d79afa2cdb6891279e726bd12

    SHA1

    3bc3dd4f4957683befc4177cd19eb4058428aac3

    SHA256

    9f183e9411d3ccb4e5f3d5369b747428d68d8d3d2d6c8d227315dd6d99218cdc

    SHA512

    c31ff4b1e0f9da538076c8fca0d82e3f10175112cfa4fd22a0cc669921fa475749cbd60a8ae1ce5a0e09788ae5eae57e6b4b852c6201a3416f25d582ad8e1d7f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC89E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC90F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit