Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

28e9c9b769...18.exe

windows7-x64

7

28e9c9b769...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$TEMP/Toolbar.exe

windows7-x64

7

$TEMP/Toolbar.exe

windows10-2004-x64

7

content/aboutTabs.htm

windows7-x64

3

content/aboutTabs.htm

windows10-2004-x64

3

content/ctoolbar.js

windows7-x64

3

content/ctoolbar.js

windows10-2004-x64

3

components...rch.js

windows7-x64

3

components...rch.js

windows10-2004-x64

3

components...bar.js

windows7-x64

3

components...bar.js

windows10-2004-x64

3

components...rt.dll

windows7-x64

3

components...rt.dll

windows10-2004-x64

3

components...re.dll

windows7-x64

3

components...re.dll

windows10-2004-x64

3

defaults/fbAlert.html

windows7-x64

3

defaults/fbAlert.html

windows10-2004-x64

3

lib/xpcom.js

windows7-x64

3

lib/xpcom.js

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 02:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    content/aboutTabs.htm

  • Size

    143B

  • MD5

    30b063c23ccd0e573f7956a49e6ad2da

  • SHA1

    b43ddff041bd7e3fdec541b0b3004ecd661db8d0

  • SHA256

    dde0330a494598aee2dec1ed467b0ce99400b860a9eec03e59a963090736cf9a

  • SHA512

    5af5794bc10afd6692ef9eccfb860248fbf656361fd6cbbe399e497bf0f8c9e9e603eb0dc3781344a53ae84578e1618e60a9a1096cc3a0b149e2e4c82c8c43c4

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\content\aboutTabs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1088 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    934609c610f0113f7eb3391e689a570c

    SHA1

    b184f5a54c0133b52f24be3451fa8405dabe8a93

    SHA256

    6a2c9bfe7a66bb618358dd19f4de7db083b2902231fba7e471d2683b48e91577

    SHA512

    df5dfe1a31ba5ec256a222d09ccdec232ad66232d14b8d8481f68f720a0eee0125e9d3c98969c06d67ed7610217a01a88c38107088637c151699eb2ad0b9b0b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2e2bc06bac55884e4724e148e6120a6

    SHA1

    3d05c46bf8d8989e74ad66c7111c322813e424c5

    SHA256

    cc843db64a34da648ce1592246606c7a13b7f44fd632f8c7981e7bfa4a29ac7f

    SHA512

    38ae8b33741e462175c2a12af82e39787995a377f75eba27984911efcf58ba7dcf3ab2872d6e4ea16a8aa66e02bb5d24964591a6205ec12549a6ef8bc3b88ac6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f82238809986311205f885efe924597

    SHA1

    bedd76e5b606d1a9f7e6734868ec94cc30378afb

    SHA256

    09522efe4bbf6ac81f145415277063001c4c88f361ca6f06c918d4bdf5e055ac

    SHA512

    3525e46e63d00ce1afcb25a2ba5de81fff0a32b2bb6e46756ae7c2c8c23db2957a19b60938f1517bbcf0b45974e9c17211a0f4103cc6c4fd2817e3dbc4bb8705

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    797c5dc325356c444b4ef335ecb15f86

    SHA1

    58e375acb8b8bd9ce07e6a6681950eda5e382d90

    SHA256

    5c0f93aa73762199655d6dfe53f7e8c177ff19736ce987dff68efb35404b5783

    SHA512

    7d6f6bcbce523a1efb455436d90f36f02925aebff5eb86912bf69886ac5c3f8de0d6008523953d1dc5fb02d30bc9764d81db8be0d82c2cdef8555c4102e4528b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    295fadc4c455315a368b26a6bc6587a0

    SHA1

    04783efd24bfb7298da850a3c0675c86069e5726

    SHA256

    4063893b5bbbd3df285e93804b96954b16f50b603272da782547a7252eca7c0b

    SHA512

    a29be5b5f2b3485ffad708a36ba6ed8c388d32c3681a13896cf1e982b92e24235c0b3ac9b69834d767f1d455c1a662cc51473ebe2ce93a9c7a561d4918a63248

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3dbdbf6adcda34ec00323f69b7e0dde

    SHA1

    12e2b71bc6ceddf932b1a49eed05b17a10a4eea5

    SHA256

    cc6a406928f788bdeb63074ed40032cf5543f2b6ccdd1ffbc4f90b7e653a3596

    SHA512

    d198173e4a2a6ba3d2c913c757c5f53e6f057e16c3d8df3b75a9ef060bea6b55a0e0a3f0559384bac743f0cea5e1e844789abedb8dcf3c872d8d5d0b970f5656

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1a2b97eaa0eb8ff710aec6130da2cbe

    SHA1

    c78c9f6816bd7c48d58994d7a09e4d77caeb8e48

    SHA256

    90257357aa93c6be2d1c6f8bcda9a83018aa5b2f53b3491d653a541791770adc

    SHA512

    bfcb9f79aabc0f3da3245ed25ab8d6167e3db813bf65f5d9b26d0770386efa1a643aa333f729907a8fd8c62ac829f73b58ecb12a1e42b73328890551f4e2ddd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b712c508ceb530c1ef08adc26aa991a9

    SHA1

    2b308547c03a5ea999eaa18693cd27c60d850e68

    SHA256

    0fd29d2ca616f9a93ea6734d46c70ba99cfea48f44ba0e75b0ebca46f9226be6

    SHA512

    62cf78f2b35d591c46e10e2410c10107fccac418145d90bfb6ab771282f61db06f0abac4f19a8a19e2e7b97c515e4a46521c157a1674da162537b98d9d85861f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    354342518f443e5c077da1093c492410

    SHA1

    288bd8c3cf39fcf494a851da367fe8f9a6797de3

    SHA256

    b81d18bba9550adfaa07a83512c1bb719c4605650c8182442d98640dd9c9411d

    SHA512

    7a6ec4f9e3234ac950a530a0fc487a7af99f98e78de0a477fc16f1b94f9df4764cc2003783014989e99f65b99811b8354c9a9a9f808b8e75eb94ff08acc469e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9b8e1fcd741e4cb1c5749d227329ce5

    SHA1

    3131673d2dd8f4750847c4fb71ca5064328c9dfa

    SHA256

    d93f81328e285e8021519b4723aa2553da9c80de86aa3883e30f5a87aeaa92ca

    SHA512

    c6797683ef1da1672b8a3ba63c0d240922b0bbf3e1739b765ac09cce00c924045f4b92c81c64e884eca4894c139522a4f082353fe9ff9dd5c09f51cfe59a5f89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57c0a1f1331ee3fa1386fc2176b43396

    SHA1

    b5b8e9c9313a8d8374925c2bec619fbdfc6334f2

    SHA256

    d434a094d8e8935119ba10ad3b42e47c1bf4e40f3446053117739b3684746b14

    SHA512

    5f68b0d52a98b289e5f1aed7280ae5b1e93cea5aae75cf85287931cdea1be312affde9c90074467ea09340a7d35c7699701e504c05da0051a7bc6b9c910a8e72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96a8e123d924430076643c74c72bf55e

    SHA1

    9f6828a518df1f0db25a9676cf1400bff5fe5343

    SHA256

    191e159a725c46d0234bd8b444b8a3c79cda3362f04fbba9cd626996eb9507a9

    SHA512

    1050d17e10ecf7afe18e06f1fd471e90389b1d6a68781c25d79d803318d1ed37ab3d356381408fadbbd1ff532001ae0f22e752820146d93ee8b2a9515232a371

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    209bbd4ad4705439c5739ba8d2770e80

    SHA1

    bea36166245b5204afdf611794ac75af5f1e8796

    SHA256

    1ca7f3d5a403390ddf8ea098aaf9a787256d5f1581f4dc88ad0b8b7413232ede

    SHA512

    9c4270bb9e22e3bceb98d1166c0a3554bb169b8a66565c2192815118bd81af3adb4d9c9d676571098ff673ff0c39b55fce39caa4fa126dd58ed7c42a465b9bbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4477e3bc974706de43a952c41ca4f5e6

    SHA1

    0161051c368030b4e2b3f9eb0159d92ad7575ae7

    SHA256

    31ff89aa1f6e32022f1837f964aceaed71816646e68b10c993711945f70f94e7

    SHA512

    a39e9ccfb2b3574f5e45bdf2eeb7f2fe2c5c7a492b54bd5f11bc5d31ec254e909d0b1dc14eeea59a3352e093384c8445d322d94ab267bce17b35c466e69df122

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d66d4b3d2e52edf8c0f62451175d4e3a

    SHA1

    27737d0c511be792f9da82354e088be52ab78ee5

    SHA256

    3a1e47440ee0ee5c74e1bbcd2a11573cbeb87ff3a11fe283e28f70989aac0f4d

    SHA512

    7624bc8ba6b46b5662c62870fa047d20281cbaa6fce2af2d8e7552407720668c9ee6cb11ff71a26c3e4d0eb8cbd7553c2b143676f99c32e2676327e5ab1e79af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    919c5f2d02ff03435fdc2346a782c90e

    SHA1

    f78894e41db75459e7b8b86d51a641587c7ece49

    SHA256

    891ec4712ed4d68cbbd804500c26a296fae5eb82215a816ff6f5c1df2de30250

    SHA512

    5d867210a0e503dde0eea83f9e087bbee4486ec62a28159ecb2db54043ad4c406e23e0f1e8210889eb6bdfdf3d8c513323def4faed33fca92a19b0c52a4e9fb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ac402b165c1282bb7d51370dfbbb03e

    SHA1

    ade5a7bbde56dacf0337e3d329271a8fe30e2c9d

    SHA256

    22b54077793544d19769b10e9ef0d96383f58ca8a35371c6d7a60c466e90b0e4

    SHA512

    465098df47ed066714c04ef2dfa1484f02aa1c35b6f2fd42fbf8148248a80da0ea3650490c3ff03fd39d38d408ab7886704e608eb7fa63b7614fa56a1f4d7bd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0251679a828e51058dd13df93ebcfee4

    SHA1

    9f0a6fe920d8965522691cd0c7e48dff16480cf9

    SHA256

    c5812f946f892033947b44ede21767f8576ece12714b0af61aefd083cd886916

    SHA512

    266a851abb26cfcc3707c53e56f756b71e8e32a8ea1b461ea82c96f85e72a17af08b406b759f3bdd1d34a86d8eadeca34ebcacc388715f3df153231af9861063

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4A8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit