Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

0be02b750c...18.exe

windows7-x64

7

0be02b750c...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.exe

windows7-x64

7

$PLUGINSDI...er.exe

windows10-2004-x64

7

$PLUGINSDI...BI.exe

windows7-x64

7

$PLUGINSDI...BI.exe

windows10-2004-x64

7

$PLUGINSDI...cc.exe

windows7-x64

7

$PLUGINSDI...cc.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ed.htm

windows7-x64

3

$PLUGINSDI...ed.htm

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

3

$PLUGINSDI...lp.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

5

$PLUGINSDI...ay.dll

windows10-2004-x64

5

$PLUGINSDI...st.dll

windows7-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDIR/xml.dll

windows7-x64

3

$PLUGINSDIR/xml.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 17:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Failed.htm

  • Size

    6KB

  • MD5

    4bca38bc78f5e8283655b1dda3d81b2c

  • SHA1

    b1e61db910ebc37bcbf4650d773d727b15fc8554

  • SHA256

    16b03f64adc522298a636a117869d821379e341314704a4eb7e2263689e76d91

  • SHA512

    6b4559f2f658835ca3a5a8772f424415838990fd7b22ce9452577c6f1e92c8776fe8f25e2747e91dcf59b390084d82bc48f3bfaafb242c3374b0e98e81db3509

  • SSDEEP

    192:0BA1WBLKOIIMwFTsVEuuzXLtnMB7QfOLCqaNhp:0yW9KOpsVEuuzXLtnMB7QfyDad

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Failed.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2820

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2edf75ff2d7a66765b29c18a4d2a3529

    SHA1

    efd8bb958e1140cd6b6a4bb05b60d59596fe7846

    SHA256

    b010936a963087f04ff673760bd0aa04814be629205e6bbc6a5227314934733e

    SHA512

    932f28fd781566fa800c4c81cae3aeb6d076a1d1fa5b72d6238ff41d346bb1dce167d119302fc633f9fde63cd8fc7006c3cbb1b0dcc549a6acf2cb8a8e8d9e6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75181444af6e0845c7b11e411cdcacc8

    SHA1

    e164ab239eb2f53acec8698b329074eb09a69372

    SHA256

    96f15be0fe4dd595400b083cee7a50326860e5935fe340cdd4df01bad1321f7e

    SHA512

    d570cc007996674ddf8486d4aaf9e13017b4a5c755964240330c5ae1e6eabab26f9403e75c7b03bccc4a1fed44eff2337cd234bf79ccbe8db68ad1e4c7a1a8f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0037a76cf4e8bacbfc8ff349eca7f37

    SHA1

    4df6d1105a43d9c7776672b0b421533f64c2f64d

    SHA256

    6acc0d2279b48a5e2752325076ac73bf0dd7970d53f7adc8eff520015aeae07b

    SHA512

    560aea3eeaf6f2b886e0d9e2ee2453e8f8b464969678d541fe2f057aa73d815bff5405f050e7cf2ae82a4fc53729501b2533cd9276d2c2455c4e6f4d22ead96f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    339a5c9fe8d3516e7cbbbae44480df74

    SHA1

    e4cf1de2c76bb9b8f29c01768a25dc3ab1bab061

    SHA256

    7f14267a621f3f882803b056a797ab34def6bb2f09ddf470adadb61d12f123b4

    SHA512

    08c249fdd053e718d42c5986622a9558c6e09b3e6b05edcce67735194fc52f082c2ebf27612b1e98ad141d76d0614bb14c99ccbf32f1707deec203c147820904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bdbc5e1a8e6d4919414d975dfe64872

    SHA1

    976822c00768b1d58d2ea6c2c851ebaa123e301c

    SHA256

    d51135c1368a661a77a9e8cfe4ce63d32dd05e67054e92b551653c268ed8d753

    SHA512

    7347719b61c37dd03e7cab966bb35f0548cdf8d326973454959c2e43cfc70b1279a80d6e0f24f90313d4fc2c7fff8af721738ba8f49549e03cc9bbee02ecf833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7f016904ae1cdbc5961f66b14f3870b

    SHA1

    61ada18d53aada2f768bb5b3e548aa8f9c9fd01a

    SHA256

    c6e7e51431bdfb51a1057f8d10f1e1b5dcb5f035ac59dddf36acd625d9664d9f

    SHA512

    231471d8e0f97da1afd3941b2daf90d2a295b6e52a2b97e59c4463e3f75cee03571c5a72c08ebd6dac28fdeba2f476245d84b3f5140dcdc39fac8856fb6b1a13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d8c4133563016652d5b2747c3d3fb02

    SHA1

    99daffba11edf8181d44ea4432f99a784d59e88d

    SHA256

    f0a9042e33113c47cd85736f468f8b02f198d046e25ea7daec61efdbf0284226

    SHA512

    5be98d87f14520c046af110077c50aec7fdbc67b920fecf126274e11291af50f0cd19fec1564c59148626e80ba6ff968cbc6b20ccfa8d59ca1e8f2d61f6f6d65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    363110de73f3690557a62c63ab1e46b0

    SHA1

    b12d28e5b6513e92ee6dc6375915faaa3556e82a

    SHA256

    d5384013563a8e544e481f025132c31bde3376c0fb9e82f20de97976a1088129

    SHA512

    173be85fd8cf6697065e09d8636148370112f1bc8887c102f5341c8cc90854d4c82f113b01afaabca12bd3d8816f7b1e7b22184ebf1c74350ae97d73d0872771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e730d0a99333afd911f43f7d1e873a50

    SHA1

    e358e75d03e82b365a7cee38af55d324e287a45c

    SHA256

    c4a43c397438c35cd6014f1d8bab62367cc38c4028f9f0ef856221dd8601ae14

    SHA512

    9dcf11fec18b93f31ba4d6249acc44cd1860ac2a1688297aa26639796c1ccc4e1538d0362a5c2f97572ab87f4decfef999d9a8cc82287cb5afbb7ec6d4a7d4d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    291d62758521959d83ba5fe15a77c992

    SHA1

    615e40c9a179f99e44c7e3f46efe86c3a6912fb6

    SHA256

    3d63814d60a97e0ee4698d5bf811b1cd321a8be27e79c73bbeef1ffced91465c

    SHA512

    f38459f981646064d4c4ee798a08632058566be53348065f57343472dd7b688987707632a820daa010bb38a5b38c83a45e765b4e20cf957b0673582eeebf8e91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efb6e43c348422535a2a948cc31ec458

    SHA1

    2961551bb8f35ead83fd643982a530a75f5874ad

    SHA256

    eb5e4016b035fda7229958f4914f374a892af7f1bce194a24e495f5ca9a7e722

    SHA512

    0409abf255a4bb3ea340f26ac4ec8c25452ffb61fe860c772db5048f79a8a0449fed07218908d9250331aa731646cdb8d22f0287cba2e478bda5694f82b128b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d1d000eacb50d9495502ac50d803b62

    SHA1

    5760bd7d18deda0689647e7ec2f49cc44120fd63

    SHA256

    518254e4c97dae8909b20b97d18122382629cf89625867bd183c83ee19a17712

    SHA512

    dbcda938c8dbd121ca4429ab0986fa44eb7c607fab78327ddba87123019e879be96741458e0725887d27ca16f8f6cda22d76dc48190558df3e81e30ab5520a99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a891b743d9c81390edbb2ed9e3df083

    SHA1

    ed8c5b712e0e9288b51c8b4da6d5ece1c8c1ee45

    SHA256

    49362b4490eba5fcf591656a2e0ab1300f7ba24491ee03521bdb2b9552571a5b

    SHA512

    72b682a54c82904d7ab378c258e3f52dda43c7e43803367b1ab40c92a0b777a8477098d2715093c76515a4e694d4b48881dae3b1b9c5c7bc34bdad78e2c02879

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a31a85fe01ad97cb0e15adb755b9925

    SHA1

    1b860661540d70df80ae3ae22ffddabc35f65b26

    SHA256

    183ff026b9fc7519fced037a0da0ab071ba9bbb3456a839b60bffd5700f62a53

    SHA512

    4537d2fdbfd9c0953067edba40f6383e7b271c4fdec9b934ba7ece06c0f8314b66e7832fa32b6bfdd3d364ec84eb9dfce167abc0cc8417ae0d678ae4fc5472b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb9d64f4ea8a241e216c853e1d8c0158

    SHA1

    e9c21ebd2b4939361564e327a957d962dfbc3681

    SHA256

    9325b71d5190ccb2106d0a6e11c0a5ecd47c27def845ea08bb87e49a779094a1

    SHA512

    2472a047b0a6cb08636f0f1b13db3f418accc2129b7445dd37b5996129c8bad2c8e0da3eeefd5d8ef7ed6bd0df50eb5d81a3d5af232f69e09152e8fef407520b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90fb05a1f9cc42f443d3f46321bd8747

    SHA1

    0e39ce6d7dcc8c9dd2e51282e2c40fddc05afc26

    SHA256

    a9998d97e6bc12b5d4ecc86f4480f1135d859f5160dab7b3f3128fb01a4f2696

    SHA512

    c5ca2fa6ee57c593d0601260341302dd7de843e1893cf4d9ee950210be2c862a8e11fbcfd26f1d329399eab46a40e90349f82ecc707f800aae704110834184a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5347aac34eccd1bbe9a367d68119f20f

    SHA1

    c119b4950e8a0db4f19b590474f44431b6d47271

    SHA256

    25400016d0037b6be6fc333e907fc2b2c2eb94260fc1b44d737e768f7484356d

    SHA512

    b8a39534156929777a3a9cb447e03d2f3cefe77d9c69533e3b1e295bb0d8e4b2bfafc5245393dd68ff63eb6f3ef623860bd8d5a0163738db4d913d9303ade42e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20d19e1b9d4c468140c8d69553e7fd1f

    SHA1

    15e4903723f51b54c42e8c48fb0574912ba4a0cf

    SHA256

    704b8a801430c962479dc13067b8610c455ca7fc0366fe4c02329dc30ff2d26a

    SHA512

    66c479c0eb6e409430c77f0badc5ec827e5af41edbc666b4aae22deb1ba5397f6776c374360dfed999b94d21e808fbc331602d5a803506c511ed1cfbbe14eaa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21e2035d74a0b9e50416dee7e8be5383

    SHA1

    3f62d7d5a2c0f7f9ef359372f91b2edc3887cc41

    SHA256

    5331fe92bd8331557c69aded994659c9e19dfd6e7eb31c044a4608744ff0b9e2

    SHA512

    3bec1f42a9e1f8601abe8590bb63a77c173e963f0bc556661db7151659c43b7ec13f3bc52e2454180384afb6ba0711f8db7275db24c716200f023c7fda7ca5ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8B7E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8C10.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit