Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

240928-zq9...l.html

windows7-x64

3

Resubmissions

05/10/2024, 02:42

241005-c67lrsveqc 3

05/10/2024, 02:08

241005-ckq2wszamm 3

Analysis

  • max time kernel
    75s
  • max time network
    76s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/10/2024, 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    240928-zq94aawckl.html

  • Size

    144KB

  • MD5

    a446401ca7343c2ea81241d18067b122

  • SHA1

    226f6403a97b79b902be534636d0578405be9562

  • SHA256

    b1eade5a417c82c5a1ecbc6da47702584706066ccfe98b53f1fd2a37ef3cffde

  • SHA512

    4ca61f0d73160ccaebd7456d414545072af87d22783c41cdb84b41914ffd7f87889922be7676147f22922a52cfdd871be270d293a962dea87e0163cfc9832090

  • SSDEEP

    3072:wnNUWxz4qVtEO+Od7JU41IxyHKFDoNQX1GvSj2CsKpDdnPXvjb4/nTu6A3DMeg/P:CUWQu

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\240928-zq94aawckl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2108
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2108 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14e8ceff39e3aa579f142d9b79b87d3f

    SHA1

    993d4a860fa07ee1691dd87fcf36bef80420d32d

    SHA256

    b120ceca7af0291211d44f14c1775254ed15cf3d0e8de212fec924bf16ac375a

    SHA512

    e77331dfc3bae8c506df7362177db3b46db1da8414251300636c392ef6e6abf33f59525f82d3b62c1e2edc494ea483a8876ab39fdf7f0bc899141c15dbdcb70a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a21d339a46e4279df2741baddbd0152c

    SHA1

    a89e6501566468c778f65fc6ed4facd6f6981d69

    SHA256

    8a15a87bb3962a67fbb642ac2b5ffa4622679bdaf80a68838ac84ff760fbbc79

    SHA512

    0a52682b1a7f174325434e0707db0f80fa68e9825f81157a1b5dbd34bf05b0d448f7e368133da99aea703e85e2c6e9a7faefefb9a48007970fe062b69421e2c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    701b578fc90ea8c1f5aa0eb04da59df0

    SHA1

    1295159e8d19bdba688e97c648f2941cb1abc385

    SHA256

    49bfbe1af7dc998c5c67284b6c4c06717700a771389014f52dcea3d370156bb4

    SHA512

    26ff71b21af2043c1f132902e18883b5e87cf52d51dedeb44a3484a2c5a0e180736588f190b3ff4cd67ceb7c9ba7a83cb86ee8aa8713aadc977425371e1fd425

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45a3d52eee74236ae766a4fba8dfd5c9

    SHA1

    e449b97ce272f04d975a92ca170e1df32a32b07c

    SHA256

    25fd134ef6eeebf9d3de9ea62f935be5da19ebb49e53afc05c557c3c76267c42

    SHA512

    e1dd53f3ac7661bca88b985a4de780c14661fefe6153e3b8200a82763068000f2453573919de6d83a211afb38368d00c662606739cfe7cfc4dac2e4682854614

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43a929129c72410f910a9f28778aab84

    SHA1

    fbfab70f0216f4f0b75e49f2a5330a9583fd482f

    SHA256

    61fdf66be36f9078a2a2d7b71f555e057b14085935004bef6fe0ee2702e132a8

    SHA512

    726415e490722af3b6981702ff3401b9fab20bcc57f256ead2e99ff94be841443d4348ac20050fcdee4af6b4ec054b3c1d5988a5699a7d33b128b733a1c0441a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73fcc1447defa46ffbc792b964b9a759

    SHA1

    d0376c83b20e5682242f6c03819157abd9574091

    SHA256

    b86d91806bf948cafb50be49ee55082a5e203784e1fb32a2b4b96e630e387665

    SHA512

    e09e3cca094d499148cf4fba3cbb4c33d16bbfae6d84e64dbef137f7da5d09845742e1441fec035e1402ae98b9a88b7b3477f83621fc777fc095c17acb0ef0f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47ce2d5606d0be3b66b0843005432df8

    SHA1

    310f40a7f8560e0de312638dd8284f780056fb64

    SHA256

    aad785a0ed0f205243bd847eb7f44badf0a5e9c5efd4344bbe7d27f65534d090

    SHA512

    891cb8eacb17ad5c1ca55ffa158af6be78b4ff9b8cd135b2dd92ec79e2ed233913ec5958f193a98e7aab5dbb759f182aa98d16f97c609601389037139facafa2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff756ca027a0564a19e33c7b4d635086

    SHA1

    848fe699c1d63bf51f314caadbedf693ec79f4a7

    SHA256

    a6334c28ce458fcabb744f47d6f9c0a24851424f8e248884e0f9d2c59c3c31ec

    SHA512

    5c0a250b7150272247962ae531d87c44ee7b6ab2b15eed60d9e91cd4ffe06f6dbf0b2fb4ae6b9acd81069e2e11d7bb7e65a5cf50dee00c2d2e09d701bf002f95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b77208b455a414e7f92cfb3f37eb1cf

    SHA1

    c883f3b0700d43e26dd01ccb815fb55574b3ec7c

    SHA256

    4351c2467eaaea459abcf39eef09128a3ffd889176d31b1cb34949c627676827

    SHA512

    a9c5fa2235486ce5bd1a071dac332d7c31973ee5d6831384d3519d3b851a31dfe559e00ed56475945ba5c28f10597715c91600cffd60a6c0f0c0b4f252b1e8a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE458.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE4CA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit