Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

PCHunter_v...32.exe

windows7-x64

3

PCHunter_v...32.exe

windows10-2004-x64

3

PCHunter_v...64.exe

windows7-x64

8

PCHunter_v...64.exe

windows10-2004-x64

8

PCHunter_v...OL.htm

windows7-x64

3

PCHunter_v...OL.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/09/2024, 09:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PCHunter_v1.56/Readme-ZOL.htm

  • Size

    2KB

  • MD5

    cb3eedb39a4b19375c929dd1ce6a671b

  • SHA1

    c9321aafb5c98195aa35a54ae30f8aed8530d589

  • SHA256

    7a0421963c81fb48f71c8a7727d9f33ec023b574befc6b35981aa388279086d7

  • SHA512

    3dad8489626f5d87c6c0b8747908643a1f59df421821688ac272a19473f73427e707e4cea981fd1274d03ab597d22758f7c91f575369b15e7ab795d01c88e12e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PCHunter_v1.56\Readme-ZOL.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8021abc524f9f46fc2eb98263f0a0d06

    SHA1

    bbd3a7605d6ff3e1746477bdb7c0c8abaecea9bc

    SHA256

    cfabc18a0d7632f96e7734a0347ea6cd5ab3ed29661f6b4d78259753e2d8f3d3

    SHA512

    ec34e284508926bafaa7bd1d385495a5c12db0d964e42bec1347afd4024e3fcb2e4c4eaa2738abb12efe0dfed60203a5076f80a9b8e855e6d2ac39ffbc8a3f45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ffd2369af5f05c3b063f97ff3326bd8

    SHA1

    69276c7d4b666a5707a3b7ab22f45e5ee8ec20b4

    SHA256

    578c38ebf94f8f16023451bd57b1dc7dd73c1864ac7528f62ac394a048ed2b51

    SHA512

    f6a9c300773c2e1a657336a74b67d3f63b69511d0c0f0be0c4416f7323390c9b415686d88ccaf2023ad847514ca6495c100b988dee09d75d55bb2f19e7515ecf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a06a4d29a422ec365e75823cadbfd93

    SHA1

    715279e52e9c749ecd5b6c6f125bdc9e10ff1cf6

    SHA256

    a1be5635e06b609995757af122874d6983b07f6dcf2e44a8adea804ab3281d11

    SHA512

    6a70812d8bad5be374856c01586afcd5ff806b7d9df446f10476d3c830dfe9e86274e1ee5677591eb52ca65e0bae6800d2eeba93ca585b97da0fec4be2dd9c91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34dae4614f29afbc0ee4026d7978e31f

    SHA1

    23d2b1eba39b913fb532da9159e1d5847084d5fc

    SHA256

    4bea41b72281644f4b7f21708540afe23496de8783a52091ac5114b8cc6b9f50

    SHA512

    bca306eec8631555282c7c9728432a138e0b08e67fb74380680d1346ca10ac1d27ad8ac866ed1a247a1bd35f91b073ecc9b9a7b2f554a49d7ceba2ef23bec9b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a4497bf25ccd1884e12d3b559b6875f

    SHA1

    f590688a47fc991f711348843b964a9375b23993

    SHA256

    e6bfcaf483c329431004a7a6a5efab0d117f18e52e6550b11b66100d04786cac

    SHA512

    1ba86f01fec1dcc2672291f84a770df3c3c6c31d272ec7a9a53f7fa5721874573f08641f7f9114d5fd282a5bc90014ac6ad98217329b80925607d9c5f8636e84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d34a9d3a9c7a4c910f3d4259fe8ac791

    SHA1

    18967924a7a4ab74944d94402bb538efe7efa7d7

    SHA256

    04ba980771ca2486f7a4160799170d10ac415c514dbb44dd01e7c3d03a5eda8f

    SHA512

    119f214ea11da995b5715ce9d9a22d04793078438b7fd778a42fbc366dbcce2755c08833c4abdc99cdfec9e3c31092d48968157a7227c866bcfb8a453de586b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0922f36e35bb7c00e1619da5e4d0f818

    SHA1

    55631c5b12a220f586b9d99cd5263b35bfbc68ca

    SHA256

    d8e36a1dc32db8023b040c84a1fab28e427978c2e87a98c65dd36f352101f932

    SHA512

    ccb516db9974b4c403e78af43b03d7b6f266b2053b2d7bf78c3b367c4ea7c701a495adcccaceab2329f02abd12a35e2ff753261881412820160ef0b50217e692

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1cfe8e923ae7488b11abf62897111d6

    SHA1

    654d54964a95ac9c100801e0ce915204fc2a64c7

    SHA256

    1ef70d4b09cfb42eaea711bdf05d77713476d02b75ca85c8a5f6e8da9f744489

    SHA512

    2ecbad67ef5e6990e06960ef38eb80f43921db580387be455cdc7e3f4be0fe5c385805fe2fcad8db86b82dda8857395b64fba7c2c6d30bc7cbd0438146f59b2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7acefe796eea09bde890bba7aceb7950

    SHA1

    56144cd6c71e71dc0fed6eed4c773d067ae9312a

    SHA256

    8f2eab8ecea474ce4179deb6bb97329ad2fdbf5fe005e4db33aade9adad0abfa

    SHA512

    5cc16dc7bf835a1b1feba806b39a46f94e405ce843119355883a6aceb92706d675ca40c5af9682ceec2045e6c486463791b53e4f9cf70ce103445d6a427fd2ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e366230217e2cc013a5606804713cfdd

    SHA1

    1539f00c71630bf7c6c31ff65765f543cd47b395

    SHA256

    fb43a5e051593467a319b42ef5b8990bdbe0292041f1ecc6fca913d66a965a6c

    SHA512

    5c644fa2c50e4b205f3f0cd941a04c675a5b6014da6ea7cc02ea7797b2c11808c9cd4838f412032a14f5fc2bf6530ed7967ab7c2569e50f87b52031fd35a0290

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1902f4e84c53327f924d99f73b58562

    SHA1

    7aa8019a722e6fd3214072306948b97b760c4fc6

    SHA256

    05d55d442973f626c0bb52ae5794623f58c28754377faee50971118e4cca7c23

    SHA512

    aafae13acf0c9fa77f790bd7cd7d33112c8e0850c70d61bd1985eaabe9095ac03db4ebb5b2549643b336bece0d567fdd3051b2c72673e4ad4edbfbda7fc03bf0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    129c5f90de0452659fce77a3dc7a8b84

    SHA1

    a5818829a17f661f0cfc4887d745be086d679b10

    SHA256

    787aae4fbb70db1efb0b7449430d50e9e98db741562605b736c78877f1aecc82

    SHA512

    5bed073c56305bbbcae76907c0615ed4269c00fa69e95fa818dc4cf6d17f0808b3ba49ac2b5e5cad1a053d79ac8186af9434e977af3e8302973a7b7f6fb59f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    873e9051bf741bd4a9f94a7c1c7e43a7

    SHA1

    be413b86bd957d0f8ed12e42c2e43dde40ad4ece

    SHA256

    0ad321e25d61ce8b0d9a812ed563f67a9f09ed11183dbd14e82ddf7fb3a5a0fc

    SHA512

    fe5d17ae51c14f57979b543305ffbbf837e1f142e99ca34771308be5e88b06bdca7aaec1dff3324ce3770c24cab482d9d96ee579600134683c244ab7fd7770e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6022751a478e21b517ba0fe8f0f02578

    SHA1

    39bfcf39ff95672efe3e56e60b69835981473a9d

    SHA256

    02754cbe01c98d4dde70197a54c23b05948c03665fb020106c44b0490a570849

    SHA512

    71828ce6cf187728c5944ef22fd188f524c405c2dca311694ab843c7581673c563f0a5a26d5220e4591c063581ed4b79e33845329f3e2f27c64ead7dacfeb783

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0dfb8e9db969401a2f47ba045ef51ac2

    SHA1

    6d65a7c384b22462a70fc1d2c6f96669aa7c6338

    SHA256

    744850e0db9818d24cf672ccb01a43e4749a722b2c7e84a418e91f6518b62ac1

    SHA512

    ea3b23097d27239561f7bbb24fd153f45a5cbcaf7faabd44736e57ffa6fd60192afe49292f8abae302b1f0fcd8c1a6a3f7983833fcfc12c2525b4485efa02be6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    601ce48fb12521043a24830dcabb8e72

    SHA1

    b817fe063bad2c25408c27ce16ec9a12b84f0a1f

    SHA256

    2871a856eb91a7ceccd91b7a24e1115c2362ae957914fe3acb85ecadff72e891

    SHA512

    164d2e730730e2c9c51d13d169dc17578b91d1522db9e6cd27fefe614de47a31b55db28a25cc2e99280e73dd87cc28e00da87b1765fbc9c9de34982e673771ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1EBA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1FF5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit