Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

qqdljlglqC...��.htm

windows7-x64

3

qqdljlglqC...��.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 17:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    qqdljlglqCNGR/必看说明.htm

  • Size

    6KB

  • MD5

    6a9f3b8faf3a8748fa8a1ddda1c3be82

  • SHA1

    89b44cf7a8c1dcfa43bab0ce28b700fdb04fd7bc

  • SHA256

    b3652317bcb781bd6338aebc067f49991c88c1697902e09df9e2b3009e34feef

  • SHA512

    b86318a51c582782a24cc6d1773d97337e6fc574ece95dee32488bf53a06fb3c45006156c25fa78839d61931b54d370f7ef76af9c799e951438c32767741902e

  • SSDEEP

    96:eugWlXZktTuDndkYWuokAbVXHISaQN1exgemaQNA5FaQ/APUgJX/kh8rW3H6aQN0:e3iXFDzeXdxfx2Fxh8rW3H6x9xzWn

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\qqdljlglqCNGR\必看说明.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2992 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e8ba4cc4fe8122d1ca5106a59a27fa9

    SHA1

    bb1243e01ed3c8868f17616649a072c1ea726d22

    SHA256

    f4520743a1865f1a3cf6d10a3eb27b6580631a3313f170d5833b02faeff57e50

    SHA512

    9a4a939a92e2b148c615104312e21e372a7606468b8cff487f61cba225d421bcc7501c64aa10064e15c5b30ffc1d9d1d41fd0fbeea3666f30e11d133602d8033

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5f493190f5dcf2e2b4bc2d6ce4a7d70

    SHA1

    a0456dae74b71c5c7555aead40073811fc7c96af

    SHA256

    931d888b71cbdc7c50800a64e37495d7a0316810a46f8e62945ecd977b02494f

    SHA512

    e1828cb22764fe4b2bcbba015cc0b88f27597b2c9e7f4bea2d549cd7022888867f6d962656abfe458e9a648350fee635ada5711de52cbf22e4e438a9ba5c60d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25c15ba930130b46dec8165a23746b60

    SHA1

    c36fd513016effe0ab078913d819bff3458e17b3

    SHA256

    d9a39187cd4efc94c5170ae4f5b706b413f278668584e4c780cfdd359961eeee

    SHA512

    f742c93fa3e45f7832571bfdbdfb5c7ea71d1a4b6338c6c96f8c1d870adb6d5c46da2244cc0037dbc74a00857280aed09aa5a6743a2897b403319f5c8f293e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28e962a9dcfa30ff8b2b8112080bf864

    SHA1

    58df7de2fb1334f56e2269ffca7f7ac9e34e45ef

    SHA256

    728b39ba52a7d57ad5068af3f0aaf7f5b1b9929da36de1055dd994a52da7e467

    SHA512

    c62b8d791e111cf4f9d5927877dabe0a8ec33f28b93dbafddabd96e3ea7904acca93a802a2d49d4a179b7331f7f04761352f3fc9fbec67dd37affbe723ddfd36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fd1da37c9c19ed6fbfbc9b65e0838a0

    SHA1

    69fa23935a9cc09190a023e8ce4bdfc5b6bcb518

    SHA256

    eecdaaa8e93bf92af1468578100eda288e2facb86ce4f7d9d847d553711ee495

    SHA512

    2dfa7063749c76863376754c148b22fa1a965f0d399c473167cb1fc4d0dc007093c250aacca58a8ab35a47081a897fddc85e281373cf1936fcb26fb2ea291639

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40f22653967cf9e89158955a55cd5e5f

    SHA1

    69cda764b9db070265e6120a74dc5a5bf62b0171

    SHA256

    2642c9212fd1b884ccb0886d706b3e7e86577ca58e299544d82ac97a8ce44c9b

    SHA512

    1f427fd628c01dc2043b7c564eb8782f3855b7f5dd419086b8d0c8c52ce696f40aed56d8b5d7ea90a62502e35adc0b8f5bba7d63bd1028ec4f82e97f6a3164da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c9bc0a6df6ab77a6801243581ba96c9

    SHA1

    4b16379470523e6a9e716dc36729495f885b8185

    SHA256

    757f406bf1f289b37eae7efaf0fbb503907a3130cbde580563f0a5159b6d88dc

    SHA512

    f262145c08abbcec44b0300859d381d8c115443f6d2ab25d4f2a38c16b81244b7b1a346b85971f26b62e741e92bf3b1938d2df40089e45b83475104bd55daf20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    990ab049e9aa54afc92416e6470a52f6

    SHA1

    287fd59eca62870b17737f9ec75ef7871434bced

    SHA256

    b2408074425de8afc0989f39d7cf95bb44016cab0deb50ff7ccacbbb1ab76056

    SHA512

    bc7d1e8a6d673e17f73bb419ea1181200254f1b52f31eaadd7dbbc6a611a16f3b720a7eb8781bef5ac80a030380458806114607cd5ed9f40a15f2666f340a7bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4975ed04ee5a7686dd066bc58861cfde

    SHA1

    12cbc8b2a46003fac71dd1a4b1ec124c0e08f42f

    SHA256

    8cc3d77d9b6c2f511937fa31aa64a815690a57faaf81d278747a8b5da4dd34bc

    SHA512

    b4578ba94abd6ae8f3363c879b47872f5d25525aba0e3a15d5f16560217b17c4f828de7a03c1ee5fa9517f1e2ccbd8fe0a4e5519f99a95b4d743bc88da76e66f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5194036514b6bb562577fdbe347f8b6

    SHA1

    c32186f646d7c53346c84bf743af0c795cf001a2

    SHA256

    7ed814040926c257ad1a9a0afb51c120d2af30c078f363f51410d7688666b822

    SHA512

    9c93c3a726e263b9cc099f0e2ff5da66eb08d5a8b5faa89ebf7b45c22bef7e3c30febf7f32a65dad8d23a36e40a0b873d55475972b81cfd24812f3f708592fe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0694ab98b50a1519229c9e01dd8eb57e

    SHA1

    eb8a9be6e03e44868c70fc543be97def0af18df4

    SHA256

    20b89319082049056e3f9ee65185eeea76b19c3210c70aecd3a3b87493897684

    SHA512

    00425e6fad49164cdb70361d139f88aff4db74118e3b09ae7e16f8679866dffcae01c3335579cc5fca248d003428974146e8c74f8e73f5e251907ee1b0d1fdee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c485ac923b1c33a61a1c175bd0b5932d

    SHA1

    6406ff08259c280d44624188b399b9070af3f417

    SHA256

    d9855cd017c5b3c711b7f6b711d7377bce222d63e3cfd9ab56455e9f87f371a8

    SHA512

    4f1a16c30512bfb9796ec84b536c823b4fef76959d43defa0030617469fe7b97028cfb2d426f4fbd6a090c67c66417dc2e200899c659b3175b503895ed4ad76d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7f65f4380e499c704ec93b8eee032eb

    SHA1

    a7185d1658cb49941068b66c14af1baa6dd14b65

    SHA256

    4f0bdf45758cc9e6670b5bcc797a4ab74b7d34b891ea307e12d6a895a3c240be

    SHA512

    2e9593e8dc53c2222e574e5bad715536e03e5728f7f21c487c1608db553ab007675716f8e2c77c8eebb972a65c1bf669e46d2fc945d5f27377e46426e207a7a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9383ad3bd9f53624085014d55cfa710f

    SHA1

    68bc8ca82298d8fd0d458298e13425d7344ce68d

    SHA256

    f98bea574bde11c6b3bb7d965211e1d9c4c589c1e93b477a690f0eb2c5b11003

    SHA512

    831dac1ff2094a7896ad3ac4e224935ffb55a998a4797fd656cf3728eb71e73c5f71dd61b785c5d4cfd0e664467656a7fe11ad8a58018e98da31abf38638beac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f98cd6247e87807994d20882642d9f5

    SHA1

    e00b4df80ad54176566485c7fab7004d60cf2a2c

    SHA256

    09ce82421a6cad1047982759a1ce66aaf78ce4cd3859c3b3155a574279731dae

    SHA512

    f29a79fbad500eeac0e169328820a14a8e472646ed9964986272958d93c88d5abb15a5885ce3a796b43716fa1d2b6b40e18d6d0aa2a69014bde69b18e0adffdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    372e0b5e6a021201ec8f731da25e6c54

    SHA1

    ee085142cfe6618009e6495ed345e0cc28caad2a

    SHA256

    4f2a434f1693299222bfc53fb75a4b71922bbcf713bd68c3272a7a2effd9eb3c

    SHA512

    60aeea1d70b03247b33783656d672fff212507d0f54d62868617a20c0053a7cbd3416b51bbc9e781d8c0f7a74ac74bcaac1a32fbb4405633f4b0cde3c8c1866a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aade2e9e8c32f6f94db2ad4b8560004

    SHA1

    a4d2ea87388b38fb37b6b6ee6ddc1b45af9d5397

    SHA256

    f7e0bcb512e473aef38d76da605be912a6a0d77580f4a042732f20f13e8d3d27

    SHA512

    4b031a45a249de720af096724dc106d741fe4c25ec0613d3feba1b2ad14c9de92f890c8c3c982bc250100b8d846555cb046b00cd157739a85f246c7dd9ce3aa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b2a482605a795ecc639d9f96e3a5c4d

    SHA1

    36377c216de49ceddea6e353a4df110012366d5e

    SHA256

    3f9bc3bb2382b36d9367cc79341dd8ce3c74d5902e96a39358ddb2e284e5f998

    SHA512

    82de4f679614d1013dca6a5e155ff4afd7fc3ff5b7e2147b23a8b849a5f6519c7771eff4c80845a707cf367ae3bd88d61542031c543b9d78e03ab70546a93e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01f0357874889cd400636a143daa7d2f

    SHA1

    59546a1d68a2eebfc6ad13561ca5b1b9efb7d396

    SHA256

    6353bbfd3d593562c09c9b5ca78a8971eba97e92be1660dcecc58c1d8c61a2a1

    SHA512

    c7e11a223f7725ceb3d1ee31b39df3de9e4c1fcfb675301946d763c4c7f6aa7540ad19e0a437fac2357cc205641eb83aba2820afa6f364396efe1d769be2dd8c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQFHO95Z\count[1].htm
    Filesize

    4KB

    MD5

    2feccc713b174182c2483b643d0dcf28

    SHA1

    8efa35bcefd2b8d9e5a1549fef9ed18f6700cc53

    SHA256

    3470b8344c2e054bf129663d4e159d26d1a0595a15f21bd0f06c2abaed4684fe

    SHA512

    64eb16e2a116851c68cf16a820d817d8bc3735a1fab1c0f444c559fb425d39de4f8b716de2d0d1e16c2d1e87d61a95af4e6312f297ae44c1e971f97024c459a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDD96.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDE25.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit