Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5ce368d291...fN.exe

windows7-x64

7

5ce368d291...fN.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$TEMP/4204...pt.exe

windows7-x64

7

$TEMP/4204...pt.exe

windows10-2004-x64

7

$1/ALOTSettings.exe

windows7-x64

3

$1/ALOTSettings.exe

windows10-2004-x64

3

$1/alotappbar.dll

windows7-x64

3

$1/alotappbar.dll

windows10-2004-x64

3

$1/alothelper.dll

windows7-x64

3

$1/alothelper.dll

windows10-2004-x64

3

$1/alotservice.exe

windows7-x64

3

$1/alotservice.exe

windows10-2004-x64

3

$1/alotwidgets.exe

windows7-x64

3

$1/alotwidgets.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/eula.html

windows7-x64

3

$PLUGINSDIR/eula.html

windows10-2004-x64

3

$PLUGINSDI...nt.exe

windows7-x64

3

$PLUGINSDI...nt.exe

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$TEMP/4204...ff.exe

windows7-x64

3

$TEMP/4204...ff.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 01:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/eula.html

  • Size

    14KB

  • MD5

    da5f15770b833d2e7876db980d472b17

  • SHA1

    63cf6cd7fa903646c0e86b1713a362f25b20d478

  • SHA256

    248bde8035036d6f0c3e5afc5eb247f64801111487916750bdb8e77fe287344f

  • SHA512

    d699d74ee4cf9f0a1d2e61a1d504a3604018c3c8406b513ba0e3b1d3d0e9c0095e74d0be7966c085d27cd0c118054baaf20fba591519e55c73608dae10c3d2b4

  • SSDEEP

    384:/vjekjquizlKfYzlIFsDhm2G6iG3MQWm6r/OKF:/vjDfYzab2GFGcQW1r/OKF

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\eula.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35a254a3641012cb73953a9c1ec61a06

    SHA1

    3f99288390c48be2a438e6f998909d5e1e5ee462

    SHA256

    4817bcd4cc1c37bf031f0432ea1f2dd366efcd0b4097d7c1a15408b8612964b9

    SHA512

    b10e1943739714769007a8ddecf25fa2098979c11abd80cfe1f837a257c70722faf5ae9a2894e2b360e334c5b526e8a334a7530edbc6fce6a263f8bd92b1f99f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ee3b2012b999c3b1b94285ff4b186ac

    SHA1

    91fd5d36c8a1e890dd1f3ea48c52a9f4e1bf50f6

    SHA256

    f7360865ab188ac85cda007a640a7f548a189f6ead2fdc2fe6c37c0317d594ee

    SHA512

    4e4aa226af793f17a0aa53874d637a4b84c200c72864bc12a7af0ea688a1db8543cba20258e7504f4982b7c1eb1565e2db15c5b300683d07fa23ecab709cbc71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e93cf300938082c5ccf1a9130d5f2787

    SHA1

    caf6b41f69bda0f90738ab8b099d2dcdc4a47cf8

    SHA256

    958a57530abf3eaaa0b739aace44be7fbfb6ab0a765b83c768da7480674d352f

    SHA512

    66058b4da958e38e995161e0cf5d2cb1291582d6bc3ec06c61a777e72e05ac33ee9253ae40336370ebbc0c6b9fce114503dca81b368a8550f770e1b5c19bf456

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ab5f93864d44ff37e7699e301f261f7

    SHA1

    cf34a79568bb5978bd6094ea4a7204b3bb7a26a8

    SHA256

    c5e2738e7b836d2175fe8e1b4df7d49a799d5f7548ea2263ea59986c2c79da06

    SHA512

    53ccd9e968edcd2f88dbcd021a1efe3604894d1606db574079a8741dba92ba183fa252f6b391d1c9c5b3fc56175783984761a4588ecd090a1e933d08b22d178f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f9753ec9d58818fff991b9ca22df45b

    SHA1

    0a2381ae1d83fca42c15cff266c6d3cb70648cac

    SHA256

    d3f1373c5b7f391bcd953e8941c06c161cfafef1c8a11f8419966ff2f4673d9d

    SHA512

    912b3fbe398b1b09591512108956f9579e61e3f5b73e67520275eeb8164ead6ad3289eff25940f806a264bbc6bf6a214262f6f003c6313dd9d1958a3ce79f4d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce2a23573bf890a24cd1e0e9fd7ae26a

    SHA1

    be0bd24c3f7a072c8fc99cd3f767b2257aabbccf

    SHA256

    289765030066a3cc0372853d5d389efd6f4510f8bcc899c31cb68b14fdfd77d6

    SHA512

    ec2dc2ff582503600cb3fbdc65c045a5a3371fff88b9eec31f512180ffc5689fbf8bf475aaa06d5c47f610b87b8e0e430bc1e214b326d427ba645b53ec8c1a30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3ac5b0d64cf561ef9a868c2a061096c

    SHA1

    bb756853dbc7e1fcedf9b1163b4b5bd2bff6faf2

    SHA256

    f58b700d6e49848a076969d0538e9a389bfae798b93a93c032b30bb149d96f4a

    SHA512

    f55a6e5a610431f3a5445aa78aec4a3c9aecedb449426ec1bf26e8a4069899763ebc6e9a1c0c6ccc7728f503447aa13d716bd158c170c7faf291db663ecb1ef8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6d7d6e0a5220a47c754f99d4ff55c02

    SHA1

    d39e97e501ebedd727be6be842ee7a54934c3de8

    SHA256

    78db83d092d75c13de78b09fbf2f412edba0ce6a9ce8845c2fb5059f44f28004

    SHA512

    4a11bd7af094d4dccec9eab98de6afabc231e7d4df62f792cd286e5ffa991fef9ef9122e950bb5b2a521fdc5796fd688e1f869bfcd717686c4a51b571e33ad7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d02007019cdc2b384d05004e6bd00725

    SHA1

    5d7ffe1e0ced9a0be33f03ec5a1dd0ac4b0e9fb7

    SHA256

    3f51a56617db3293e84b6934f70be4e2ec5d008bf842f14afd1ac36c2ff4c7c6

    SHA512

    e4da967aea0206de5b2a95961e9ff96d0e1f5bfd45f464bf37e2cc230189689771f59398b8edb6847df22fc67c205f645920fd6e71a325e5682c716d45c97277

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a68eeff50bfd29a3dcdd2469af7584a

    SHA1

    83c88cb53a089f36d1037514ee540873674a2de1

    SHA256

    633a4847977aa733723433bba9b080b7fe688772c4196cb252ab74941e3a4f63

    SHA512

    4fc67b29cd626983a40dbd442ea83d169047264f180e1b0111c987d6bb0d125feff1c09a93e250381000da9322b6dfd3eecce5410c326383f6ae9841161220f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    111098d463a1ce30da3a10d889492cc7

    SHA1

    4acd54b8cd7f7fcf7d53f9bd55d3d08018fadcfb

    SHA256

    9466d5b5f77d5bd2a391fcd83f3e884481bc23bb6b3ac4d0006f4619de5a761a

    SHA512

    cbe146a8521b7da4ae5d9d6cc3d25c8262603b0d415b859882da535c3f1dd2491ac91fed1323538ea29231e432a5f4426356598eeb7ec544f5accff414d25d3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a607f8bce51ae0c102500423f63eec96

    SHA1

    584acf20b9bf6618386a49b9cd716d73ed64efc4

    SHA256

    daddb52ee689474ee7634ead58053a69c5c6a45164849e23913e0f9f5f447378

    SHA512

    37f838c746ccf3e564b841b8da9df9011689df3a8955627d317dbc09379c0eba162d2c5dc5868a7547a91609acc9f9848995519956150f7d3448b1270b4db02f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFC9A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFCBC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit