Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2dd996e7c1...dN.exe

windows7-x64

3

2dd996e7c1...dN.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    66s
  • max time network
    67s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 08:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2dd996e7c13658be53b4781852507ff97af2ae062c1fbd3a60122717334cd59dN.exe

  • Size

    464KB

  • MD5

    1913185325b7c501312bee5decc3fc50

  • SHA1

    90cb34d2d6d5e848edd3b07d1c46f669072b839c

  • SHA256

    2dd996e7c13658be53b4781852507ff97af2ae062c1fbd3a60122717334cd59d

  • SHA512

    c2440c8f943eb617aa81f25315b6de4d7a454cdbbf9088f749edb4198b10585bfe667c0aceba647c57822f74234827a7ff7a858d48bb62f94e163cebf1530e09

  • SSDEEP

    6144:+x6iVRLGDZLdHbTLvSAuYC27NkoTD/Eyf/To1ysI5uw7+WJz6lyqp3U+iyPmyQC5:8F6v73qbL2vnTowJ6Vh+yPQtrfcFT

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2dd996e7c13658be53b4781852507ff97af2ae062c1fbd3a60122717334cd59dN.exe
    "C:\Users\Admin\AppData\Local\Temp\2dd996e7c13658be53b4781852507ff97af2ae062c1fbd3a60122717334cd59dN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.cbsupermarket.com/health & fitness/addiction/smoking-hour-smoker-online.htm
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2720
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2628

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65b0647c5bf982f4724cebe44dbbacd6

    SHA1

    137dab4863751964fe71f4ef7089dc70dbf8580c

    SHA256

    4b12908ddd91ae54d34d5b9c4261817b9725b39b5dbe12489270cbcf0a28c504

    SHA512

    faad1fc1d12330279ffca73e9f401f9335851ceb266f45ede5a95fd7c12a0595f5ee32876da400e00eb02eff4ef9855129be1e7f3b63a2c3ae4fa37719885148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93a58b38660edec2493da348b24dba5c

    SHA1

    c0139c19c3ff9880e0f2f4724f7e2c86b8afcc20

    SHA256

    a1b44822ce7a78d808e07e0ca2208b01a85c3a447015b78773bed58f74728e5e

    SHA512

    7e1b4d9cb7aea61b00eb1e2c8b6ed5855600534a0f86df3df24acb014dfa0f7db002c9d00175f19f1d74592aa7c1c01762c2d6e595c3a478ff3c0f3e80150b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e05f8ce54dbe80570c5f9a87525522ee

    SHA1

    9b975c2b3f2e00cf8e896d226ba202a0d1ac8f84

    SHA256

    bd8fd07870e62aa6baf326d99f9bcbe76eef305fdb93769c6634983bacc43b40

    SHA512

    cefc77344727c1069d45bc0f453978d4960c73db807315212ceb17e5edbb322636129d9cdd30cdb9db0c7bbd3cadf1b87dfa08ebea5bf0654c11265a732e869c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    759526b45e910e563685aec13f848dc6

    SHA1

    c27131afcf0bf2c659c89a434dd0c680d858fbc9

    SHA256

    984e0ecbc41d32bdb82d0d50533d82784a27d42fd99d75e839883fc762e96197

    SHA512

    6a6410c3bf43988717f1dd6b5fb375efa81f8957a3ce0c638536a9eabc83f835bd3bf849d56e710a1d48dab06a276e1415b6c5fefdc4d471e76a0bc1500c683f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee344ec01815e32d62a76afd1665eaaa

    SHA1

    312deb5f0c92bbbb8cebd028e0ca4cdee92ed092

    SHA256

    310309e771abe8d78eac4ae5e3d9891316ac48c43d37ba75ea6b4a1b2204a657

    SHA512

    996acade8730e31022dd0fc1e4eeff6cb5bcda11462b6fe0b86c29d43622191cd5b749e2e2fd36875c8bc80c1fd162644b4a1883cb3072927184f6fa7e101d76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4af1049aa4ca45afe69981679eab3e28

    SHA1

    d4f68b3118f66d5520690b6324e62989f84f9c9b

    SHA256

    2438cf02d855521f6268b34f2321eb9c43bd5a2a548e400f994b8918fb4868ff

    SHA512

    0bccd600ba774e95835befa6ae3825ff0880ef3fb9a08a7e3a3757b29e90eb8b4e0ae2a9ab6d14116f635fe30dab278d7e30d08aa9bc09d89c5b868d018b7097

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f65fd47a9401d16eb084a78367036fe

    SHA1

    bddb3b80f9be7ec3c53c443037d888ade68cb895

    SHA256

    c3b4efa1540ed321d5d149bec83d68275de1ed27fa1e0531d6cd4dc1cb8a7a7f

    SHA512

    cd48744660ead4573ec7c46887a9c75a2c0f0d31a608d6dc326077048fbc320b857190175a5f78eb54e9ad70b0d6941e40a320c8cea3217604ba888f621ea8f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d1338aba5a9e3f9d64b96ecaaab7f87

    SHA1

    0382d14ae7836d2909824b56e1a387eabaf488f6

    SHA256

    906a141a9541ea9cb04c869fbfbf52fbf32f38475cb8123c807fbb29323a10eb

    SHA512

    8228d949e55c27c7dc36a8ca3f66f3e1a90b00052c748055975f763202a3fe03897c9e677f942cef2060c4cb53c39b65d22051e9445017f0bdde30f590e8ce3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    669d8d008af1796a77ff28510c236106

    SHA1

    8dd952398f33ee70aed83ceb5d2665ef39381d49

    SHA256

    e799f561e6bd6316ccdffb3a8350e70e8426ca58ac46b51af8b90d9ba16f94f7

    SHA512

    8b3a70e2a31750bbf82d0e7f1a165d392446eb048a9e5e54a7375f5ab59e67767954235a0b4c17b9f31cfd2c96a3962479a4ebb4fc6f3ba27c292bc4fd6d2411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bfcbea5a916eba1bf9ced26e9eb5392

    SHA1

    d8e3b994e69513a295c30378b7a71aa48e1e559d

    SHA256

    85204ac28a324cef6a3322fd03aee8515e8847b89052b5a66c1108feca2f54a5

    SHA512

    2d03066f2ff4c09689c9fa8b98e6514eef2b4a89c323dcdc280d8c2a46b889f3744ae2533b577132f8e8138a0e1ed9b2d66da5da93fd29a2b828cbb9c832dd86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3087adf109d32796e711161fcfa124c

    SHA1

    b2ee3ab3d8741878fa2d94417a8e15a8efb08994

    SHA256

    0edea7d128c0faae97bfbc6cb4263f3cc00449e01306c2dbd89e01bf9fa2f8c6

    SHA512

    55f6c4c5d2a3ef6fac006994433c9434b1e477a911990d08080bb533953d336eb23491e169174e13393dd328dcff711b1dc1a8a5dbc4758950184749c5fa7c53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    671e12968c9c25e1d1911593a182be1a

    SHA1

    0dae4d68a2939b6478fdf90994231e384a39535d

    SHA256

    b1742c9c7c539cabb42fa122f0a12a6bf3ad160e9d613376e4a0414cd3437168

    SHA512

    958b35e4aa2e676fbc1f9dae4d976ead372a965c3ef17a1c600d53b16fb8191aac4ad567512e1d9d6bd32599993a6bd48dec3aa993d584eadaffe77849e1c531

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09a8f1bb45e3d86fece555012154e891

    SHA1

    166e8636e7ee1a0650f82be9a078b6b34b898430

    SHA256

    9a04092bb8808a9ad7f99ac283dcfb44fafe81cf2cad85a6c040a4c66d349599

    SHA512

    b051cb0ebbad7c0d2f380636e6b29ab6e0d8cd447130d141e75c86d1002473cdaf13606edc8888a81e3d875637b46db721e1cc0cd670c47c34974cf8d1185c9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d414d710ce43465d3e980816fdeed282

    SHA1

    fb6f111ff7fe727865743326f0718c57ce592caf

    SHA256

    658c8b942dcd998405b328795104fc7399f3675c5d4891aee31b19cecc2e02b8

    SHA512

    1713ebd443b91cd528af9a83d60030a1cfaa0378ba94098562465f051909c4cdd7422749600d84f25ef24b9ee79f6e8014dc3a63c42b596a33d7d587029447a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ede0965d5d407a72282b2b37b44ffc3

    SHA1

    70329bb2a87af82cab04aa0d42d1cbf0b201d2d8

    SHA256

    006b73c0c106ec95e57caf1149ed2688404082265b7d851bc082c4c9080500c3

    SHA512

    1e9d889b89585594a69b71267bf393a78cccd19e0a5bdb78ec1dc0bdc73ece35545f0265592469af8cfa25e2b3bb5a1a111022c394b679f2cc2622da0766d809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92d61fce8363f70e4b2be1829e687158

    SHA1

    9ddea94ec7a21032db3f7325935e79d5587a5065

    SHA256

    198cf745a6c3a09367913f30b8b5ed04f9a7d21951c992e2cdc2e7587992cae0

    SHA512

    613f48a24cd44580f5707c56343f1920991e477f9a4f4114f72749e22d24e707ebe8b41455c363d495d5aa879f33bcdee548599de03667cedf27625659117db3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e47a2fda9857186d7acea56865810fa

    SHA1

    4f99682276b7d93c2655af416e2a3df87f84f387

    SHA256

    df68b26c18911127b747588f0708a1dedd25337fcd9111cfa936089f09b6f4a0

    SHA512

    f1423de4d9d5665db34bd064a563bd897172f0cf9f9b93e3f12d8a3e3f52a0a8dfc516baade7e48ed80c51c3ef7c4ddc9e23d675c3e085c7d4f6f0bd035ae4bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b97983aa768368bfffa208bd3c7b13a

    SHA1

    39fe3e2fb0f926229799bb5e5f5a5285fd11df83

    SHA256

    f44985a8906d2d000debba452a4ebccaf8c1fbcd66b595a136cea8a677fd7266

    SHA512

    35a50f9289dd3ef872edaa8fe5e8ce88e5ba9c0d8cb09808b8ba8306a179a750bf1b54caecb7a668822044af03671d087fd09c32b977adf028250b1c1ab46d7c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab60A7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar610A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2104-3-0x0000000000400000-0x000000000047A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2104-0-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download