Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

vpnclient/28ip.html

windows7-x64

3

vpnclient/28ip.html

windows10-2004-x64

3

vpnclient/gonggao.htm

windows7-x64

3

vpnclient/gonggao.htm

windows10-2004-x64

3

vpnclient/ip.html

windows7-x64

3

vpnclient/ip.html

windows10-2004-x64

3

vpnclient/ssm.html

windows7-x64

3

vpnclient/ssm.html

windows10-2004-x64

3

vpnclient/top.htm

windows7-x64

3

vpnclient/top.htm

windows10-2004-x64

3

vpnclient/...p.html

windows7-x64

3

vpnclient/...p.html

windows10-2004-x64

3

vpnclient2/28vpn.exe

windows7-x64

7

vpnclient2/28vpn.exe

windows10-2004-x64

7

vpnclient2....0.exe

windows7-x64

7

vpnclient2....0.exe

windows10-2004-x64

vpnclient2....0.exe

windows7-x64

7

vpnclient2....0.exe

windows10-2004-x64

7

vpnclient2...ao.htm

windows7-x64

3

vpnclient2...ao.htm

windows10-2004-x64

3

vpnclient2/top.htm

windows7-x64

3

vpnclient2/top.htm

windows10-2004-x64

3

top.htm

windows7-x64

3

top.htm

windows10-2004-x64

3

vpnclient2...t2.lnk

windows7-x64

3

vpnclient2...t2.lnk

windows10-2004-x64

6

vpnclient2...op.htm

windows7-x64

3

vpnclient2...op.htm

windows10-2004-x64

3

vpnclient2...op.htm

windows7-x64

3

vpnclient2...op.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 19:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vpnclient/ip.html

  • Size

    17KB

  • MD5

    d33e6945bd3f485fb2820eea890311d1

  • SHA1

    464e0933363d78ebc04aea0b6fd4d3eb6b1899ba

  • SHA256

    0a188c825871a0da916c20eb156ae6618149fc4d8ac1f12c6f8f850b31c7407c

  • SHA512

    840c57c5b2c43b3714d65a6f22f3db55e934a66c754e46ae162786038a52c550cfd5c9cd27544ddfe198dd35b1f1fbd980107651bee6fecb37c70992f6646f1a

  • SSDEEP

    192:6qjINZYdqgXdihXOBOSY3SaOyOpeBc9tuJTMM8M97rglXZPooFja1TxwAskOgOyg:6yldihXyo3SaRNc9tHwoidPNOd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\vpnclient\ip.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1252 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    155d6ccaeba290d43f901771d4bf61b2

    SHA1

    fe138afe7bfae8f5677887a56e942cbb06975be8

    SHA256

    6e450c42dfaaf304ffd4dd3e3ea98568a953f370960fc8a7f6e2bf012e339f05

    SHA512

    dbfe4cb0deabe7cedab9a7a5d7f9abf9058099ac1a0e4f9cb8db81fcef0cc291a7c8882921a5a4dfd5cb8ae94145e371405ecea59195d31b2fc37570a3b5bc91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    104cec1e23c5d2e10da2b19e95df6847

    SHA1

    2deff12091174f2d105b98ef6c7fad0b5b6891c3

    SHA256

    e2292f5bcce97ad90d8a1604052b96fb4eb0dca4498f60f0d808cbbd25353c34

    SHA512

    9c9d4c14e235b25d59e9093f399974913b6f8c4fc7305b5fdda7b53a7da82095130c6f4a27456a514e3a1847bbc88fd2abcbabb3e3628437993ebadc150c09cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8996f392257bc664dec40f32b13c47d4

    SHA1

    66838a6c1deace1fc5d50cb303bc3e5dd9d2f66c

    SHA256

    73a09b5b722548241057c579bc03368d14c3f154b202864c5d0bcf76441c1c1c

    SHA512

    f4fff030dcb3b0c43d32a97eefb1b26903189c216a3fc96b790428870c4631650a881983b1c67a56cbb176ce3d48556801aabc6f308e2d7b7bc0bd014c63852b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bb93971d0ebeac57d798a9fbdcddd12

    SHA1

    4cf3be9999ac4f79398f85e42d355a5201762a60

    SHA256

    5b5124df36c430a74838864d5087475fd52ededeb09c15be63a6684e5a05f24a

    SHA512

    9c76eb2eebe6a452c0d8b271e8482dd51996e3c07d585f3cdff52def7c403d07cb5b3fa0c5247bd880d356163478f82dfae3fb3e340dd73f0dd43618323ac180

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50d12c1dc6160c3d76c0958ad5a6b228

    SHA1

    7ea461bfe400850bd9a77e2389f81bd16501a5da

    SHA256

    9f6a99ce4e0bdca565e25deacd02f92c45a878a245be72797d1e4c17696f7522

    SHA512

    ac7271cce377f63d0f0ef5db1ef5b298503ca9fc88c6ab6a1a9d5660b9b94f5e493929ca8792ed085e07203dd3dc90118c9d846dfef1931c7e48a6faf02a57de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01c573f04129398c86958cd246398be4

    SHA1

    79b000f9812228c267d7c3dbc611b66ca9455145

    SHA256

    4546f943ca428d0ad9bda59dc9385e2c2bacb7266f34556a5c8a7cbf43b63c60

    SHA512

    cdb05a694c718e784d9513dd727d352da67985672ed551bc475080f74148fbd62a6a3153a3e571f8cf4bd7ddd060081d37079088654ae2aac19d869f32e84465

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85de4d4b37658fd07c0bc5b949e627f1

    SHA1

    62ba84d62b78823ace7074ebec996f2afbf80a6b

    SHA256

    ffeeb9f909477b2485fc7bf6afbe101345a7dcb9df7542d653842af3807188b1

    SHA512

    9bdcdf8abf0f5a0359904e438cd70616c1d2cd2379016ce0d36999c5ab4bb071494d30b2784e0bc000d577969d238fd8bd27d5f35198a0c81613be1bbf47476c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4718cf0fa1fabc0f00f2a54ceff1c0d

    SHA1

    0242c54f06d47b082e5503821147be135f0d5a35

    SHA256

    0d3b7c3b3d195d63eaa8d1a64feaf3c2c30d67daf6f449fbd8021982e9019ec1

    SHA512

    cfd5925c9c0fd8b3dd383d7be94f13ae48c57f882cc142150d18d1fb2ce501fbc2ba8b77f65c717d6f277d5450b7e5e05995f135f8c096ac1fb7fc5f1361d38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    762232e454680b8beffaa91c82bae28a

    SHA1

    3d041adeb258896271e3ea3f237d4a310e0a1cda

    SHA256

    e01b7ac653bceb72bc53e12cce377ca276c28ff50fa0e9c8b55d934b0ed5d2d1

    SHA512

    cd1add490f9f08d02a104eda8d84256e52027789312c5e4bb7a11b0b9aca3fbb05d1a9e1d5db7e0ca5425d04155dc75726cc5a4932d0b44f1047ab7e1b019cfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe9debb15d782c4386d546576a4ef13e

    SHA1

    8332b57324f6e4be86a6a2fd14be587e6007e506

    SHA256

    57213aa2a4eb0ed5c3a49b6bdd8908a3aa4565929564dc589654daefdcbd5796

    SHA512

    8a7f2dbd9271050c13ebb7549e84d44be4508ff98a4a37b9a9edf072260313f77cc6217a8f827e749c75869f76c1097c9deeec725306151c6f29e6b106a55c04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c5b478cbd9b513ad422fa45879368df

    SHA1

    98cbcd5534621681552a53b760b1152b93b7db33

    SHA256

    c4784cc78e937b6340db3f65b7ff2630bddca0867c93b9e87c9e3b383efc83ae

    SHA512

    46d6dee7c152a7b41beed05a527ba736a072b6e5a2c071d01201528c32deffb1f2a2234df92f76c551848f313418e4e881b8ffe8eef0a53530087cf08ec49f72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27c4409a0882ca285b404f32a2001385

    SHA1

    b7c4aabb75d9e36d68cd154b48462e4b6b3dead7

    SHA256

    b1b6129f7ecca7791dbea7db0e05d37f8c1b4db91e39b3849642b9b17f887935

    SHA512

    788dac330e6cad8d561eaea5e97bcee6bd80c6d8f350596a61b80c183445d618f0902e1eb94dd62b2f2da1ad415b01b464a1fc3bc2fdfa8ad7cf2e690472b3d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dedd2feb6e3325488a9593ff77c53372

    SHA1

    806ee8b2f812e946eb2e95abed8610df6def4a66

    SHA256

    1f0ad5ed5bfe225f8f47c74ba030e0997dcf10ad9deefde0ff25061022828399

    SHA512

    fd6fe2f1835beecff155c7359935e7a4164c6333d3eafee150543ea0142cba3ea7f4ab67887dde51da742581dccc9c0f4be99fcc36f0d37277172e191a65acbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01f7d70332db3d285a86837efa044d2c

    SHA1

    92d1614bfd10ae049ac7e049b8eb6aaeecb14b83

    SHA256

    e6d1ac9484aa86057f4f75c3f0fbce1d2173b6900d15c1ad512c2b25d02938ab

    SHA512

    69d6f3abb7dd9db32945a8210637fce7684bb8911e5ee345ddee6bec5e31626f6e05e444ea00b6d2ae2d8ab29f57163975792f6125aaa0f5764ec1a4d6c335d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE0D1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE150.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit