Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

eacfb08970...18.exe

windows7-x64

7

eacfb08970...18.exe

windows10-2004-x64

7

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMPImg/C...04.exe

windows7-x64

3

$TEMPImg/C...04.exe

windows10-2004-x64

3

$TEMPImg/regver.exe

windows7-x64

3

$TEMPImg/regver.exe

windows10-2004-x64

3

InternetHi...er.exe

windows7-x64

7

InternetHi...er.exe

windows10-2004-x64

7

Uninst.exe

windows7-x64

7

Uninst.exe

windows10-2004-x64

7

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 07:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMPImg/regver.exe

  • Size

    290KB

  • MD5

    9181b183dd3096301e7211ed0312de8a

  • SHA1

    0c321747b581ad79da70dc9aab183cc12c3bbefd

  • SHA256

    202fcecc53f1ffd2d1d85cc4cc79a24ae37285ce564e15615b5d13ca69487968

  • SHA512

    5316e0511746c75603ba02eaf79b9aafbb29356f94279f466d3f17e9894082f14cf052ca3b8f52a149815e8c9b58f5d4b02ef1dcc3d677dc27032480f788adf7

  • SSDEEP

    6144:hIPYFHLrOWl1uIQtbf2QVDZEY4KUC3VM7UaEHpTLNUqNxC2kOoKXl:h+YFHUtbOUeKt3VMQaEHpTDx/kOX1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$TEMPImg\regver.exe
    "C:\Users\Admin\AppData\Local\Temp\$TEMPImg\regver.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:1920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
    Filesize

    867B

    MD5

    c5dfb849ca051355ee2dba1ac33eb028

    SHA1

    d69b561148f01c77c54578c10926df5b856976ad

    SHA256

    cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

    SHA512

    88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42af78e52291302ea991140daf89dddf

    SHA1

    6d64b0a238270eb75c61048a179ef957e656b36a

    SHA256

    bb44e89b71397012b812be3516f32f67b068e898c00e71c79c8b71f75e48b046

    SHA512

    1bd7afa4bb447869bb65f904c7da2977e388dbc8c7a185e7d6f62a914c4da573172570ba5c587ec1e304a2700dd3adea8c1d12427753b402fd74fe29f1c68767

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ea154953ed691c9f845816926a99ed9

    SHA1

    09adb0b2ade1f08c043160f6e9db7e67b58935e9

    SHA256

    edf3a64d4ac1831343f34b171b5dc1da72095968a7b7c7766a87ce0972ce7564

    SHA512

    75ceb35894a5669ffb6ade304e4771a82501897a3999cf4ab1fb637fc58796c9a633afb57623d0a5a2b46886dbf554a6ef37603444ae5bd16490d99bf9e09ef3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0aaddabdcd352b9866ce370e0d00f1da

    SHA1

    66ec901b8ff22967a67ed25524ac5910960612c7

    SHA256

    65fa3ecb6b8d2f834859d8bb4341a9618060f0bab6b1462353e90508d6b92aaa

    SHA512

    0b4a02bd4ab950cbe1f010edee59baf474fdfb3afd5f88e4830f5df58f5fb57d4bb41c169e4c53f43b965c060aa57ca99a34c90d8aff06247116d6a0b55d456b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82be1ddc3695551cf558fa9600b195a2

    SHA1

    ec67e842a4db967228b9c4191dc4cf2466aea678

    SHA256

    5f080cdb031a58b97f7620f641fc2dc1564af3194180fda14d810b522fe50758

    SHA512

    76f4b363b13b6da64f01201db9043c85dd7d0df9c6316952e0cf5a872dab85dda696d6fef598ba3ee944376d602bfdcbd162ee18f709e67c579085cac9c5087d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df25dfdec711196c2496fd39debac1cc

    SHA1

    5cb954b3984b6f5879ce13ef120d2e828f40dadf

    SHA256

    b0404083eb005b024d23cb39fa5d0cfe81d5e9af4b912c36b0f93bcb8d8926ab

    SHA512

    7c32ecad43653addf902659342960107a1e06d4b702053d45c1dbe68ec08b2ad5c8a806daf7cf01e409354bff057aea9950e202d0d40c741d823acaf732ce8e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbe862e7782613f359dc084ff4bbf53b

    SHA1

    91ebb89284774ced01409a41302240ba3a53056a

    SHA256

    2dd2c37045b431475033a6d27eb679d607b5f25b55f467328a04b406c0bb9709

    SHA512

    8502f71672f5a1b70851662ce472efb5001ac0a5c5699ccebf5a84586ddb4693833b6b035d3a979e9d18837098f1a63f72b9f559e4f3ffe2d33bef1801496af6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8d535b1a9e1c2d5711c49d33c519d1e

    SHA1

    4b18658745b3c468020355e03920c2573f79ea45

    SHA256

    4eb0880aff6f45a4c24047092128e1b055b86f1f6c999cff0a4df6e2722beea3

    SHA512

    8783c926beaabdd7bca38e53e27b268bfa7e0f7b9058a7b9758dbb094db7198bd94e2376511a2039f2960febe1e10f5f4b6a41e617ce0477efbd67d215621420

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9d97669d01f44247a46c37512c6971c

    SHA1

    697bf5fbd8725d928ebff32e6538d25037469d52

    SHA256

    baef12603fd14590b6a8575b7b8dc0d3af71cfe4b3fb821ba4eadd0641e211d1

    SHA512

    8c562de9c23063b7c28df5a371a105ccdefc0a88adae715c681467df1e6aaa4bae525abecaaf580dfc8a6a5c5d5dc164e9c0b54e0fd9aa455693269291ebd07e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
    Filesize

    242B

    MD5

    17a76cdf22000bfeddcba75e8682861e

    SHA1

    aa8e9a3be2709204fec6cdc171cbc6ad29f70bfa

    SHA256

    839b1369abde75621e4f82f65417c0f581a00a2f04380cada62a54f3e65fb7f7

    SHA512

    8c85989a3e6ec2b22b9d67933b58516ee19e23983591b2ca2bc8acae46dab09a30112beb869333e92cc57a3fe9f90b1d361b06e50e801bff56450c7039e20e71

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBD1A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBDD8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit