Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

Neuro.zip

windows7-x64

1

Neuro.zip

windows10-2004-x64

1

表情/加载.gif

windows7-x64

3

表情/加载.gif

windows10-2004-x64

3

表情/喵喵.gif

windows7-x64

3

表情/喵喵.gif

windows10-2004-x64

3

表情/待机.gif

windows7-x64

3

表情/待机.gif

windows10-2004-x64

3

表情/手写.gif

windows7-x64

3

表情/手写.gif

windows10-2004-x64

3

表情/打字.gif

windows7-x64

3

表情/打字.gif

windows10-2004-x64

3

表情/指.gif

windows7-x64

3

表情/指.gif

windows10-2004-x64

3

表情/无人机.gif

windows7-x64

3

表情/无人机.gif

windows10-2004-x64

3

表情/汗.gif

windows7-x64

3

表情/汗.gif

windows10-2004-x64

3

表情/睡.gif

windows7-x64

3

表情/睡.gif

windows10-2004-x64

3

表情/问号.gif

windows7-x64

3

表情/问号.gif

windows10-2004-x64

3

表情/龟龟.gif

windows7-x64

3

表情/龟龟.gif

windows10-2004-x64

3

鼠标指�...te.ani

windows7-x64

3

鼠标指�...te.ani

windows10-2004-x64

3

鼠标指针/busy.ani

windows7-x64

3

鼠标指针/busy.ani

windows10-2004-x64

鼠标指�...ss.ani

windows7-x64

3

鼠标指�...ss.ani

windows10-2004-x64

3

鼠标指针/dgn1.ani

windows7-x64

3

鼠标指针/dgn1.ani

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/09/2024, 19:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    表情/加载.gif

  • Size

    5KB

  • MD5

    abc8c2a3d521e6ce04ee7ce6adf3e550

  • SHA1

    ae43ebb30703c415ad1b2175400b390dedf012db

  • SHA256

    fc28222ed65d6e0b11e416ab300d1102f74a8c9af572557d18e01ecb16a72035

  • SHA512

    9e499a094f7e8db64669aa97ea133abca6dc5de8cc0ced3e015997906037eed4c76790b09f9b569b83cf3611843ed2f17eba45dde943e43c39a2c07186f2a809

  • SSDEEP

    96:i+pUg6ZwxJiJD8rit/RqTeeJ/4J72OkrlyJE1KzUVqtTSc/OB:hQcgJVFQhR4tUlS2gt+QOB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\表情\加载.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2472

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5474266035652ab29d83b82712f4f42b

    SHA1

    c171bf36f7a9cd24c8f8ebcaf25ce8ceb0a909d5

    SHA256

    25397ef95b6ab502145b2ff5387d1d88687e7b4d32e674c5d307d74325b03e5d

    SHA512

    1c08e8423e0b21dd99b0af63e31978fe68b654abec413312ebda561dd41f7a679b7e091381cebff475f1e49e720b1f5f9d7f0442ffa0093a2b779e747db5ee99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06e9081274ea04267f4949f34976bf3f

    SHA1

    f42b89d127d842bd9529fa2907f60a877c37a77c

    SHA256

    9e9fc7ba6a03c0119bc631db373807d28e163c60c6c5d8730984e25ee3f92d9a

    SHA512

    5a92e9ae37c97a979bddec5695d2cc0cd1bb3a5fb73b1107e19f48eb6e2885f135898f71f93b010cc89873af5b5f65de7abbf9225803ef840e6b56eaed82a987

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5a93b77159286f30c47740981f23469

    SHA1

    2bef45491a0c91a4c83bb7aa63343f792ccec88d

    SHA256

    fa9ec3d054cfd9dd8366a2790cd892c74483f5758c8eb2be53b3d51077f7bfe8

    SHA512

    660a3c1e0e18e5bdf3f97edcebf09589656a77e2cc1b3ae925494a71f085a30403811dac4e1da9c1240337730e3aa878c6233eef6a668d827545ddea77456b90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a6ee2267bdb04d1553818ecacf2805d

    SHA1

    ac48e9625a5b80e992f4bd39595fdc68b40eca0c

    SHA256

    055d978eb21554a674f12e81ea6538728e104ebac500d44d8666fd55fdab8240

    SHA512

    256c0e66574ed590e3af8cc91c14dda8e5c3a5d328a825cecfb7e0fc7c83bd7a80d68c29a6e93f23a57f930f5487c09d438fa2a2ffddc46e4547a0343d4efd4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9ff41d7fbbf1c1499d636d29fbda51e

    SHA1

    609f3b3d050fb4167b6c9a194897722d2759bb36

    SHA256

    3e68f8fea65f2afa24e565b54047db76ebd72e13843cd849204bd32d105bdb85

    SHA512

    0b6d87ed57d0647289c034813d2924bdf9787884bc3f69cfa5cddb79f740da98a233e4e94ca2fb2d2373d6a2f7b4d0a2e7f0e3a03dd8103b453959e1f6c08143

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    778010b3f685ad425e6b35d85fd491b7

    SHA1

    6d414edcb05a2dbf0c9d8f5e365c7a427438faba

    SHA256

    874d715cc9f86ac35864ce28e1b5fdf2ae293f3bbd9b386c61b8b0d897092008

    SHA512

    94ca836264415b28b2e9f715345854b2c6d95141e75ca091c511b041296b9f426ddd2410c5b47eeed15850fc54d069cc394ef70d2c4b23611f57d6e1895dfe47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1df09bf280fe59fa843d4a84a208b5db

    SHA1

    7663d6d75b6527997446a19d352cc90f39381396

    SHA256

    411314ab182b54f05aa1991b462cc855ce5b7e58334ddc68d3d55bd50f3396c7

    SHA512

    e886351e7080d336fa0ceb83ed0e88a6699fb988be978a7e5d98671ec29b443ab60093c353ce357c98a772735e22d0ee9f65d5c9c4c63c0ff92776d1ea59b895

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5db54e024522e0a3a1e7ebae37956c30

    SHA1

    bb5d820f6d1b469548382e75582d10e21d687596

    SHA256

    2b9019b4d53569d6cf1f0fe1c44cd987184e1d9d43b5068e9a52821f34f6c936

    SHA512

    3605796f01f5807e8e1446e182f4ea084be46aa7c71caebccc2cb60247e272e1d4612ab1086c25150b49ea4968d40205376868ddb0ae058133843e75ae3550d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    721f0f7b66fceaab101a0751377176c2

    SHA1

    adc071dea8efb87848ad262ecbef6cfb859f7ea1

    SHA256

    3e95702bad3c2f0186c1271d5c113a4cf8bd642783bc911693d188169444af8e

    SHA512

    b778c403344cdf9f3cc18054021d543822277cef6585c6566fe7755db0fe1d45d018089628b999a18971f66440d65e53c2715a03330597ab4bb296a8edeff3ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e15aff6390feeac40c42b3a0abdfc4b

    SHA1

    88676034653a12a80190e5188e3d56720150c889

    SHA256

    c29b9ee021c69111266bf38d2a409a53aa5e09c23765e3b8c9def4a6ac6a8ffe

    SHA512

    25edbb6c936dd26ae4ae7df70057fe8e0555f5c1e8cc95de354845bd196b9a7997b2540f26ab40e6da0333e6d0d0be81c9331e1b17d2ec6cac7202f21367b606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82adcf10a2334b0c7247dbf8e9289dcd

    SHA1

    a0b1f2722b870077ed7afab8c5595e1d7d4ae2ed

    SHA256

    d30d73049518ca414c330a763c979ee052817193204d8d25cea1736f67b8b059

    SHA512

    c2acccc4e7ff19442ad279da6a78a684424ad581a1bef7b3a87cd53a9ea6b87e66a16069f933f98be9a4447d07c83c692c758b19e42216456d99a38e9dd059aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bf2d1a2607d383797b0ca699d932afe

    SHA1

    ea89357e7be0d422bee43107a3bb8f0bbd31beac

    SHA256

    0b5a6016660e38c9949df16136a192dec560f668d7c7a54bbb8fe241ed32c728

    SHA512

    ce400528f1e399df75dfb4b78ff041e39c1e42f81658d4a0ebdce31851b3e650971d245728957dd5fb3b56dfdaa092efd4f3cfbbccb8dfacc03590d80bc6f517

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81a25ad5eeb19f0e328cd7754f73b162

    SHA1

    217f5fa16b86eae7e10c4380eeb01177a9799b3e

    SHA256

    5174f0a34ad4d1f58131c9ee489e81da30a62a9544e8a7f87c9ca276b1036123

    SHA512

    a76eead81460e21819344096dbc28336c5b076dba8de9b6d12654daefa704573f68c0c9ae9c716f37972a8db49ad24207487c5b09e0d29139f30323a0846f56b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcb558093e2ecf62d706a9509b9bd4cd

    SHA1

    bbb463352741985b7424cf1b814e827e872005a1

    SHA256

    28fa32a235ccf83b5110e2efb1b43372d9de66d000080e659f808cfa57920bcd

    SHA512

    c0570907fe78a906bc1a63d8591e6a51583bcc2be8a409267bb5050af40596de06e16df151870c36df707ac907918fc0f25ea291403df866efff7698c68d02e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3185365c41527508053625809a13ecce

    SHA1

    b7092750282c8b6e45feb8cf2ca095daf19a1de6

    SHA256

    f3b5a7d5b4a34e017db8b486c2601615bc3c9d11060b0388d2a6587bd60542d8

    SHA512

    d63be4d061b88f8acb2ea4c6d30560beddcc3c1506ea385331b43614ee9bfd41eb1580fd25a83c7019b3946c51934c7b805ef5d4d749faaca2bd3c610677f7ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    624d41622c90b86cff2e7fff598f0fce

    SHA1

    bfb769349b7d1c452462d7178d19f7b5b16c210c

    SHA256

    6102fab65203fc03b48dfa961ccc891012d6a849f7e807dea59bea14eed28791

    SHA512

    8703f2436f87c26329d53b9ef41832f605d4d59546390be7c8e54ef4176759254e4bcd29bd958b2ca94497bc65743e5f749ca43d1ca649530c0b58a3e77be026

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e821cf657ed00430519e51c1b165a57

    SHA1

    4c6a7bcba5d08bea8613a62d65ee33efdf3abd38

    SHA256

    cd0bfe34d8c12e0d8affff8eb137c44c1cfcc9954f6e7128236c380314eb74eb

    SHA512

    3c9a89dfe057c2ea08a34089f144dd54f253f7c23a0e35cc5900f9a29fcaf69921c8a37fae25080085026241ababd6b2ba2417bf3bae489aad06e248b703a35a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eee89ca2aea2360c3bb9b9ac00465be6

    SHA1

    10fb824f92fcf6c044ca7370ee390bcab035f05d

    SHA256

    7bfd2aa96d78d81b5ce89e30a9830447a275a76817dd575ff854dbdb13be2fa8

    SHA512

    1499a62f80fdf85db91962de6543f0f4fe8510a4215ff023438691360d46eb025bf6ff6184ee61c9d7ea9cc6cc7486a4f22ae537cf332fd6b7d0f69d6280acac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6ecaac97efa126ef0beded0cb1b75c5

    SHA1

    e6d1fe777d78c81a8b5c514a44c6f7bd6d384709

    SHA256

    56bba6ed7441c1917f32ac8f31da4e03ca177e182859825876a22c5284b60136

    SHA512

    2091459ba86bf2eb1cd39990ded92e6ed284d73e5475dfc37bcf2ed257741250df37b450a770417c2529393d2340f97e5a47b022c63be3a59b5c68ba613a6787

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFECB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFF4C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit