Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

Neuro.zip

windows7-x64

1

Neuro.zip

windows10-2004-x64

1

表情/加载.gif

windows7-x64

3

表情/加载.gif

windows10-2004-x64

3

表情/喵喵.gif

windows7-x64

3

表情/喵喵.gif

windows10-2004-x64

3

表情/待机.gif

windows7-x64

3

表情/待机.gif

windows10-2004-x64

3

表情/手写.gif

windows7-x64

3

表情/手写.gif

windows10-2004-x64

3

表情/打字.gif

windows7-x64

3

表情/打字.gif

windows10-2004-x64

3

表情/指.gif

windows7-x64

3

表情/指.gif

windows10-2004-x64

3

表情/无人机.gif

windows7-x64

3

表情/无人机.gif

windows10-2004-x64

3

表情/汗.gif

windows7-x64

3

表情/汗.gif

windows10-2004-x64

3

表情/睡.gif

windows7-x64

3

表情/睡.gif

windows10-2004-x64

3

表情/问号.gif

windows7-x64

3

表情/问号.gif

windows10-2004-x64

3

表情/龟龟.gif

windows7-x64

3

表情/龟龟.gif

windows10-2004-x64

3

鼠标指�...te.ani

windows7-x64

3

鼠标指�...te.ani

windows10-2004-x64

3

鼠标指针/busy.ani

windows7-x64

3

鼠标指针/busy.ani

windows10-2004-x64

鼠标指�...ss.ani

windows7-x64

3

鼠标指�...ss.ani

windows10-2004-x64

3

鼠标指针/dgn1.ani

windows7-x64

3

鼠标指针/dgn1.ani

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/09/2024, 19:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    表情/手写.gif

  • Size

    4KB

  • MD5

    691b1a6f57419bdca1eef1b0090106f4

  • SHA1

    daf582aaf650310b9874c50dd0e4e27b9267c1f5

  • SHA256

    e48c6d8e2bc8fa6669b912eec2dffbf5e8cc210012904a460a066e98cc3702d1

  • SHA512

    4cba149733a433781b5c62cf1ff17aa429fb7288f1d9af3b3679789a1b127b9beb61c4a7db8c4af719fbf4c507a3d12648b94b1eb3a773fd6f31c35969e4badd

  • SSDEEP

    96:8BUybFxDBBOa8BUybFx/BGvqVFBIB80BUybFxPB8yqS:8Bn/BQBnDBGvKBIBRBnbB+S

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\表情\手写.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fce682224058608d5f9404ac88ae8525

    SHA1

    fbd1d9001b4fed0092d33cab8e6dfc25b5d2e704

    SHA256

    2bfdb1b29859beeff2d30adbe37362f566629651edcba0c117acbc73049bb69c

    SHA512

    35c0f588783ad02edc0bf9a3dda88b6b4306f856ceb18d9d30129e4bf4c3b15b8af435f5a90b9fd0dc881be0b6d3e6976126c498c906c4dfe566a20b72590950

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a98b0f3d1472717ce4030b88d00297c

    SHA1

    2f5044fd01943a6a9fc03d1467adf3e74193d1b1

    SHA256

    d826cc2426b59289d36b0cbc593b12aa6727f8671b02a5f43dfca01b6f2355e7

    SHA512

    1656f35eaa938373491fcac3bee60dbf0a0d8b967ca4568bf50c04adf28d212cc80eb3d0011dd3e6cbc813ea31f18b032ce85c0ed5f54ae2bc4aa2b9d9defdd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    749c74212018464dd96869bea57df3f2

    SHA1

    0db4495eb4c351acb2e564461780355b2b735b7e

    SHA256

    dc631067e3e51c12f860049ce98cd944045fc53bac2389ef458d1c5985fa1a68

    SHA512

    5a08eb3947db8d675cef3637c46117a8cddb38523150e68bf2604580eca6256c538179a49cc247b0b9aebf483cd999c98d31091cfe364a48d1ef921c4715beac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4017e1fd872296c54859982318130075

    SHA1

    6462972adff3bc5476ee63584dbbf0d79309f891

    SHA256

    659f7952f8ecbaaeccec2965df78e75940947b538fb59b50e2526f72607d58ac

    SHA512

    9191b2213a5a40d104c27ce33b791c053c497686a594358f8c40a8e4a3776c5e8cdf1e700bee46f4eb8345bf1fda614c63c80a8b9f5a11b00118db285506106c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0197d51c242d2731860e419cea487b2

    SHA1

    a3441bc9aedf5aeed5e49acf203063757e7078fb

    SHA256

    239d1c6f8dab9715f3e75a1b5aa62d8392d8532be0ee9fc28d27f57e716a3573

    SHA512

    c5cef226af333cc5c8907618c9cace7d192908d56e9c5a954da52328282ec7c7fbbbd5f7153d93b72717e4a4083144cae3862574e5f92efa4d49dfb578a8473f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7ba3e77c61a833b7b622bcc638330e8

    SHA1

    a0b5a1670be1e42d9471947b9ecdf60c72c6b5e5

    SHA256

    55f0b283c18daa44cbaac9524c4c0d07f4ac3cb3f2304291158f64d32b5dedbb

    SHA512

    4429534c892d69c876ccd26e87c5f9cd1088b53789ad2ed4e23276df5a619b3feec790de803f660aa380a8cca40f6b895b98ea0107f4c9e04f78a63c6ad7fafd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    691ededcb04fd328931f4f334b97633e

    SHA1

    7d1f2e16cb96b6c7f2a81e022aaa0d67ca5699e7

    SHA256

    dbb6c436a28e14e7693f1a35834546e2ac1476aae8d0315a82e814891443245b

    SHA512

    f475ffe11a18b6674379ef5e96a3c4fdf6be2b5a23de859167334b8c0dfc57e97f4c1862701652b9dfb221facc09ddd22e726ced5b4b9c649fa907d608940d26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    352200ef7fbfcef16121451b3e1c2c65

    SHA1

    3f1a06a114345f198eaa72b8f95f19f2f5087076

    SHA256

    a3c5b23ba9ba836f748b0890f6b7f035bdb947943f45d8e29e8ebc5cc7c70bb8

    SHA512

    2625d9c00af83f40cd8bdf062c0bc08fe61c2d7c78a65931476d10106474146c614069fc018f6b0809825972e5ef1587943614676a8edc1010e5fd0cd86b3e0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2408a5754f344c477600ed50ea68b541

    SHA1

    5f53a4bc3e006b62290a4cf28b3e16c4d6fad89c

    SHA256

    6cb7cbf007ffcc780ae3f87140dac9dcbe3afc1f0934caae4a00a002c34bdc3f

    SHA512

    185d7df34d529f14db302040648bd9fc3d6c5aeea5408971b5036d9edea71b38e569d1b040f0e2c066a9c5e3dd31d9bd3ce122e94af6873be932a9a91cdd97ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    986f0a4d8fd07f42c3d4afaf123d9d1d

    SHA1

    c102be5b5dccfaf7e0498643076c2f1bdd15d212

    SHA256

    80b21cdf32d53ce72df1f53d0e50ef0af937fdccf17eb5b4279d40ab45bf430b

    SHA512

    2821a546a74457c71b87dab38e4f1b957ff002cd53cbf941ca3fbe49488983ea5caefbc9186997ad68d536b24b5d45f45b2a230ee06fe394603181f3cdbb8b6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4218b48dfaf595f74e0c8f376762288b

    SHA1

    94eff47d7176a9b1a7c0a9a0722065c2e6337747

    SHA256

    ebbcdd3b612a31c79623ea1f8f6447e7f24eac3a08c56f9cff2cdc0a91c06a88

    SHA512

    3ae94a2f86590cd27b69d3a908abea63eb3563436b5c0446771d36706d4179f9cfbb05e270bb1d6b97f23ca1d171db7616620f8c533b563ece3d1aaad8808392

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab15D3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar16B2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit