Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

URLScan

urlscan

https://wsw.youdaomi...

windows7-x64

3

https://wsw.youdaomi...

windows10-1703-x64

4

https://wsw.youdaomi...

windows10-2004-x64

3

https://wsw.youdaomi...

windows11-21h2-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 15:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://wsw.youdaomiv.top

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://wsw.youdaomiv.top
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1792
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1792 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2772

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cc1483631bf72ac166a43ac4e5cb186

    SHA1

    8f3b35f10391d823f65f2ab7bdc1e797630e16b2

    SHA256

    e09b52cf3c5ec78c917aa2b6cb3b62cb97975e14d73862049c6af8cdd3fd308d

    SHA512

    af1011f958ce9da90430ee110928c403f7f25a10410d20d1605be9b7fafc38ad662e0b7d291a08e946faa8b6f6fb4914282f5f7c5dd6e1d0b70afe10b2cc0fff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    077301d52f474588398438ba2bf3ebe5

    SHA1

    26720e27f2738083b458228db517af44bfb9825b

    SHA256

    51bc9bd414c49beba1a4361ec65537ce7773bdc5ec5b203c05182210407621c4

    SHA512

    ccab43b89d1979ea12e6e0a10ba995414c598def0b3903622c5a36792a1007b45e8d7929b0f9e8b9dafb7f57fbbb337872ef49a970af3c70108d994c6a96714f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d78196d7b59a3209620ebff87f2e3dd

    SHA1

    7a5076f5c0925d6fa1fa39b9ab9dfc7e5621aa16

    SHA256

    2f53d3780dab953cca8b1d2ee91c0d84fbfc1a442bd8b261ddf41a4dcbd7d915

    SHA512

    884b1a73fc5ba8f9020ff6ef9dd583d61878ebf5231539b3bb300aac30670b3ffc920cad75de3615fe4e92b35e8062ba86f73106d28f1883db88397784a9b323

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d79425a282969f3ed8c21cb6e2ee215

    SHA1

    ff0fd29d2f9a1471d451062b88387c03c40db652

    SHA256

    91f3388cee94eaa5f01d84e2a078757b955b903d8295ef80a3be0f2556b49e36

    SHA512

    d986f9dc3ca93a1e5b6bf329de52258170fd3a18731c103a7710e8d228e29b3c18220a1f96ffb9a92801fce90f6f51d8e26acf354d8066a7555a2428d6f9a7fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50298e7859f0b9009471a0e3d66e2f06

    SHA1

    cb12b8c606c0e6ce4fe2873886c142b59381bd59

    SHA256

    80a60b94a482dfdc5f2ed479470d176ad68375bf6e9661eb06b8379b5598c4eb

    SHA512

    e7762059c3808df6f24eb5687d347dad5af9c3086ad0f3369c33c329363e1a3a4c8c979803659852764375d82799e5c282b77330c0d96df272e7495e0217e3c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7359ad119a4ccdf60f18a6c70ca4e40

    SHA1

    95e7ea1cde2f4e08efcb1ebec990d6bba2bf25b3

    SHA256

    3f99255a1be911bff2a6c9897a90a2de87b722894b38b29d4614f871f53e4bd2

    SHA512

    dea74e20fb802a722f39f0a4abdb16ec4217391dd5402946a459e72b1359743eac2b6aca606cd0bf25abbe4451489156679fbb7c9fa9c51f42a53b6a72a14421

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e51b0275070ec01bfd4036df5055957c

    SHA1

    e1c255eb5f2c50912eda8389dca304d27875861c

    SHA256

    0ddfa1d1c49ca6aeb79466af4a72dd0ea6aaceff23e3321b2438e728e09ea723

    SHA512

    c9fad2903537c6be9b9a904471d5f79e5e9922e44770135137b5deb9265e532e493d4b2e9a3f3c1affe5f868a20a483f2a02f298874cbe331eb6be6040df4b89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    782f990860fae62b10dc6e9469938c76

    SHA1

    08f9cf43c94639ec266620837c6e05796e705615

    SHA256

    e42d878f401a3183cefadb5c5febbbe7b76a98266bf90210e905ea0d7224ec34

    SHA512

    8eea9110cbf582edf41ece9c55c11b7b443b8fdbc61c6d421b285665a2a2e0fdb99fdb4ba545780eec9f4adb46b26dcb322dff27b5048625310f705da1f33dce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3616bc0ed38c66fb5a6c162caf40abd3

    SHA1

    3cd1acd03c0c87607e2f8cab943749dbc14006b7

    SHA256

    409d2a3929c3cbbc90574d29ab247ec6799e5757594afd10e4fb8df37a54adce

    SHA512

    7ba6211db6d2aa0940353571d9c47394a20db6054e9928e427a3f3d4e2f060ac155cc3948282e6cce09fe4067577e35c3302e831271531a04775a3a9e3da6620

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5BA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB63B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit