Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

URLScan

urlscan

https://github.com/p...

windows7-x64

3

Resubmissions

13/10/2024, 17:27

241013-v1fj7stajn 8

13/10/2024, 17:23

241013-vx5d6asgqj 8

13/10/2024, 17:21

241013-vw7swsybmd 3

13/10/2024, 17:03

241013-vkn7easaqp 6

Analysis

  • max time kernel
    51s
  • max time network
    63s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://github.com/pankoza2-pl/MalwareDatabase-6/blob/main/Trojans/Windows%2011.zip

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://github.com/pankoza2-pl/MalwareDatabase-6/blob/main/Trojans/Windows%2011.zip
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
    Filesize

    1KB

    MD5

    f10c7cf332957fd6d0fc766a08cf7deb

    SHA1

    f206c0e193673555c5dd1c37b30948bac874177f

    SHA256

    485a02ddd21a9d1e715c677a161645b04703eec8f95323834c768913746a717d

    SHA512

    83c3f48b0682983fb4bd3cce54bfb150947d3492bc776091897f9b43349fe901752e85d9f577ff28e5f215ba1a62aa4d6c69a110c4a6ffab2d1f680e8cab7cad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad20862a69865536de5bc4a97c8c9e3b

    SHA1

    003834f71ab8a51a52cceb875bfab44509da521f

    SHA256

    355da8ce9c2e17ef1a8148e1183334dc904b42859c00819808ace20f57d20251

    SHA512

    bc67212b59caa928989c24e116d2680350ac16d46354766de8e3a3c311b721dc01cf73230345256573844e3e0d2860ad89e799d925fe29c19e8a1890bf81618b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24f5065ddd362fc9b885113541db949b

    SHA1

    6bf595d3488286d820c9b0a95002f879e412e150

    SHA256

    763c14afb92621e95a8c27679ea870c410cd2988f560569c7968e147f65806b5

    SHA512

    0279217746dae7c7c5991bac7545fc5c60fa274b4cd8c1ddf14ae5590174e3770528b62ca98fa036e09e6b1755a8e4bdcf1b493c9b9a593e2c0abd7148c6a5dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b66fb37676834bbfb847b9b9bbe095e9

    SHA1

    d06e30d322f50ea383cbe1d890d212b091fdcdf4

    SHA256

    67d0248a61d7469f91e2111fc5558d8bcbbb33230c61f870b0d20ae2e4d18a4f

    SHA512

    b620b9a0a1b2bcfc9c16df85aa88d3fd38c6424a80c4e534523389fc96557eeffdb6b785ff6e3fd2271c6316dea7801402d5936838faf00b54729b96d6ce921c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b98df27b4fd2f3ed3a9d51211fbf95f3

    SHA1

    c80844a9eb04121e50ce45529200f394f9512f6d

    SHA256

    5b35ad8dadf188d8c32f22990cd748c96ead356722356464150c34aca0ffb2a4

    SHA512

    cf217a4b9a643a797685d986f09f4cbc7a9997dbf650fffcf01528dfea4c531497c90138e6fb75dbf1e1276790e8770ff1c9c3b6d4e9c567e760562897f0c58a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9951dd346ef71d08335a4c019352427

    SHA1

    def82715fe41c735164f493211ff42fc4cbfdb9c

    SHA256

    4147c256ebee4a8f7032f364820ceafe2afa54083ad89999fb7b932f7e2017fb

    SHA512

    ca9694054a97f8a22b59f68f3a2bb5dd49d403c3e4eafbc8355ca938cabfc8cbf7e944912c9668a511d05c68a12f5819e523f2c44b0d8e5b9e8b21d4089657fe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\yiu0yt6\imagestore.dat
    Filesize

    1KB

    MD5

    75321f330c6a72b6aaa92c047f6f86e7

    SHA1

    d195982d61f5aa37de69084f7231541689e16d71

    SHA256

    1dcacdadc070b0307e5e477785fdd6378104338b8c70bd61d71a516162a8678d

    SHA512

    e12f95d2c0ff19a6844d57b0660e063d1e6e7a751eb552b09dbf76cd287590b6f34e023bed283d4688ff5273e6e1222c6b73c6af28438d1a9d6db368de20d0e5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\favicon[1].png
    Filesize

    958B

    MD5

    346e09471362f2907510a31812129cd2

    SHA1

    323b99430dd424604ae57a19a91f25376e209759

    SHA256

    74cf90ac2fe6624ab1056cacea11cf7ed4f8bef54bbb0e869638013bba45bc08

    SHA512

    a62b0fcc02e671d6037725cf67935f8ca1c875f764ce39fed267420935c0b7bad69ab50d3f9f8c628e9b3cff439885ee416989e31ceaa5d32ae596dd7e5fedbd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD403.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD416.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit