Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Outfit Editor.exe

windows7-x64

3

Outfit Editor.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    20s
  • max time network
    21s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 22:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Outfit Editor.exe

  • Size

    428KB

  • MD5

    0765a779e17e446bb74df7dfb75f7450

  • SHA1

    6cf048596972013a27f9e968d86961f85ed72386

  • SHA256

    a25cee8a38e8e8383a2da08a962e5a96bfb3758ceb58b5f547b87bc1f3d7aded

  • SHA512

    d727ff584ce63239c06a9c6318df007d9e66e8d9dbe724a4e86eb173f2d292d19d3573468f80158f6809b772d7d9ba92905fe69368938b646f955279aa14a3c9

  • SSDEEP

    6144:nszAXNK+3FZr1QhiWsQH/bm9g+CG66GLHQH/bm9g+CG6G0jbpPm3Fu:nLXFcfqFCnwfqFCU0jb1mY

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Time Discovery 1 TTPs 1 IoCs

    Adversary may gather the system time and/or time zone settings from a local or remote system.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Outfit Editor.exe
    "C:\Users\Admin\AppData\Local\Temp\Outfit Editor.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.21&gui=true
      2⤵
      • System Time Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1328
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1328 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    220a0aa1d9863bf6f786d0234279a462

    SHA1

    ced8d52f1e461f0c247c5b886cb5a8402d383ea9

    SHA256

    6e4a89dba53aaa9d1bf214b6ff10d4b3b2dc6c721fd20db88835c8a238c37501

    SHA512

    7dc6b76e3fb189c5aaa0d336c0699acb09a429a38cb649f2aaac97be55db92a1aec78fcdbf3585fa943cdda24bdc9636394893226de9ab8e206a00aed8da177c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e03c0f9e7506594532b6f0734947e381

    SHA1

    10cd701d87ebaaf4a52c6a42bbf77d7a8a75e0da

    SHA256

    b94cc977328a3a0faa61a4494e3cbe1d937b5d1972f08b48f9afd20383a84895

    SHA512

    3b902339b858557267d56ac8c41d493f8a94eb467b0b433b91cd44818acf62b0c6f5361af750f33c4f51c666e72e104969fa6963b34599e8193a94bf28049740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c477f9d790ba7229e6b1213242c12776

    SHA1

    c18f0bc249ce7a6e29b749d904b2c68e4a7b1d46

    SHA256

    fbbf4c2a8d6f0a56f110c8d9be268630ba2bccd6775386e13db6c3fc369d875b

    SHA512

    82329d2a52608190eb8fd28223b9a76442c91cf64e7ec01513c69d0ee562386f0631b185109711e09ecceb84ea7d5f03ab6593d84259cab447dbeb5cd9bea7fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afd6546da4454263cd2f4da48aa24a06

    SHA1

    035bf7fccfeb4fd714a274ccacc16ea5f16223a9

    SHA256

    f7a9951c33e5d2abe4fcbfa4aed14c194efb507f616c10fa3ee0b7ca8cde3682

    SHA512

    d4d14d9a198b673f8550e56954a0e007116a8924aa4663636296044f61402bc2948945241ee4e02c4bd5cdc64c605bd7b75031f33a77f153e7124990e991ae6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00b6e5aa3bb73b010c9685958173a7b5

    SHA1

    866e61930c980951dd9a987d52c2707d02704d32

    SHA256

    bd6bcc17855303995e18231fe17dc59948a0fc38b645113213ef3c052c455c4b

    SHA512

    89cd165e65d3f3dbf7c979a6c2470ff014188d6614fad775bedc6fd2489f7dcc06c0452ea28def84edae6de5a758b6dbe30328b058403557c9cabd7d4e7eb89c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfb4588e80021729f6617062d0d7d23a

    SHA1

    4909815d58744f73eaf70590d68245fcb1bff291

    SHA256

    54f5e15863cdd1b1761df5f9706aab2ed6f2ce342bc32cef487d5ebb0e0a83bd

    SHA512

    36f55c24a46afc5fb65142ca8e91d7859848a2987c78b8fc6cf90b3faa5f6fee10fec7d88dd955d80bf2b84e28bfb63b24f780ff0d042a70c5eeec4e43d3ca4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8ece5ca2092200709c7f479fcf69c03

    SHA1

    3e07073250a75d6a317546a65fd677801c3234d5

    SHA256

    c0d603fb9425295e6793b6e8e57e79ec09eee2cbee88a7dedc6b8a7a7f8f29f3

    SHA512

    26c774d51bea0e92f51d4907b29ac4c3ba8ebbdfb398738d673d33feae2ecd60ed7267753edc500ec246a2504a3bbce28b6e3dd21625aa30c8aa85e723bd1d77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f3eb06c1d8b523eaba7a701a7b513d6

    SHA1

    c9de4bfd981c1cef211c3361ce843584178d9802

    SHA256

    350ec2f9e6a14eb1e4fec9bed90fbf1e5095fa17c1bceeb68d8f4d7300ed4e5e

    SHA512

    ec707517fe77cb849ff5a2f8704c7210b568acefe42870ee73dd8845d92d0a07dc41982f9a3c8f3f6912fe383b2d2d551d8381e8b6b85a4ab8dd25634a8e0ab0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dee9d4c8e06e0622c7f01048d7c05be7

    SHA1

    dee244537ea43ee9633384ff107eb50e03228346

    SHA256

    f649bc00fc9cf4adf98d88a8d04359e8640b8e36ddec68ea294653baa987029a

    SHA512

    45ed0b4e48f930a479b40826a1a1c150a1bad5e15e993c90d923bb1107ffaec0fcf3ceab312f4d238e420eff7a66cae68e6a285befbd45462356cfaf91149b1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4dc6fb710eb2f3f20865085afc236c8

    SHA1

    b8e3adf7a6129bb5d169289077128e65562da102

    SHA256

    5dd8dacd0661351e91aa96ce8097650156a00759ad4c931c8e7c79ed79223b65

    SHA512

    284d509e10202311c8436a14baed1a6e2eed0a2986a738060dfe17a6f266022b51cc713ddfebc3b515db5034313f8eb5bf114b66a7b1b449d60faac95b9fe8b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68031fecadd0e50c2fabd8c7e9e1bb39

    SHA1

    af7f7686e72388af65e5a8895dde807f12367a7b

    SHA256

    bb052af515e59ee4ecbc765baf49037ceb44c88f9a4671e9bc224c77fcb063fe

    SHA512

    ee838ddc390b88d6fa40814421a196ef87e4e5c4c24861c9bc288ea8cf784800a58237b97b3d2d634c2029b18e12d94dd97ea207e27e77ac7245dadbe7fcfa01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b688eea936ce98b6c37b3d27d27bf3f6

    SHA1

    c6fce0fad6b59bd8f622bda822e350aad66548cc

    SHA256

    c87c5c5e57aed8f44cf19276b75fcafedcf62d63799660cac0f7eb1a2dc33af7

    SHA512

    28772fb2794ba49f21ad462f46315cf9c8cea429241d4110be7a600c2257654026dd4974f6b911b479950b1d4bc3ea5e49b5c41e2d9f66a9a0f2036eebef3903

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0e935c56d276405270c6dee61a1d588

    SHA1

    17c32e022f9e1926bdd8e3bace360aed0d8e9d5e

    SHA256

    4f2df1665fb84c17ef9f5e4ab1c2038d378d594e12bee8f838e663026cd1a650

    SHA512

    ea107f7673231e53f23dc12b97fefed1ca0425c5511d328e4998bab659b9ff2a83260a98283946db4d38bab504798dce90e299cc575cd4c444889212491b4443

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8309a2298de684d0dbf17f9eee197b52

    SHA1

    a004edb6bb875cdd4164264cd3a83ea008ffce7d

    SHA256

    ca6322b4932dda892f45048c6221e7fb2e6f7bbcd520f7d330cd84d7d8cb9622

    SHA512

    8a8e06a44ed32fca3d1a077fe1b7e3617f74e44c425dce7a3a9b013f839312cb6e0a22fbed48ae6b6d44da28fd7ef019b40d1e373ae3cd132c2526571ef74353

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef5794fd277a48c599d1ea58e066ddde

    SHA1

    fb80c5ff211f606b67e9d8bc5ad71ce5bdaae4d2

    SHA256

    bb8482fd0f7415973e611e2e3cbe65e3cff5bd2ffce6e46648223c9f90a35441

    SHA512

    fc180820b071552ef67afed5fa4b9e1e454e0f8bd8c2a61c022a14a90c3017aaa8ff944fdd87a0bb4d46514de56e4b1ba88fe7aa80b31774ac6eeaf8798ede23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d47c1819942c86bc476d93bdb8757ec6

    SHA1

    778c1882217e8e725a289038f64f9680a8552de0

    SHA256

    123582f87092cf3ce33dc27177de70bc0638f2ed959542d0e1c85e3fefb79679

    SHA512

    3913449f9686f2f22c73cc43adb0bf031da92dd4a29474079dd47a3d80fb2cb59d952fa6612ce446bd2af8b66336000e157027fd7a1bb2d1f0d26b55bc84a8fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3eba9ce99fa861adc6df38101385dd5

    SHA1

    d2cc1857dc789b4fc389c70cafcf20a37e5b8b11

    SHA256

    eb1bba6187825c16dd015d9bbb19d6af2dd805c1f1054371d29eeb44ffa8c078

    SHA512

    4de860a1bdd4bc77e43cc368c4b3b3f289e8aaa8c2a618c37ef4a0cc65ae3c9a00d615815bf714d71dfdf71f2aa09b1c84f5adccf59f1be06fedf7e45dd0ecc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50d5ee6a9398c19f9139a98dbb7ae7a5

    SHA1

    0a39c4de87b2f93e82404c93f7568d4b7255bed6

    SHA256

    195bffd166ce807a010b751304a24d5a6f867a7aeb4e70e026a81a10fdcb8f8d

    SHA512

    e1672adfbc8969d846432cb01416ab702d4c79bbfe013bf1a19c56ef3cfd2495238ef648581655da71c8caedf346859ba9bce89ea6d003dc7919cdab0de56073

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f3e14ef86d92b45f627b2bb0b774a63

    SHA1

    2c01b34dea5a879016aedd2b06ab07d90fe046ec

    SHA256

    a62a02b7a2a7e18e94fd68ea3816fec88aacc5750a2f8549bfbc99239ec35630

    SHA512

    b4d47bc34fff9fd42908e7620eed73d0c72836ba84d8af7660541e76e25cf9b310cfe75b722c790581a7e1f3b4a6b8bd6427a5b10cf6ff0327da5c717b2ffc3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE6D8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE787.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit