Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows7-x64

6

Analysis

  • max time kernel
    28s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/11/2024, 11:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/drive/folders/1IkTZqwey-jg3rlHvtOVIiRnEJLXYmaH1

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/drive/folders/1IkTZqwey-jg3rlHvtOVIiRnEJLXYmaH1
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2480
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2480 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_D9127F9BB4C9955D58AD28496EF9AD71
    Filesize

    471B

    MD5

    f71e435881a607e82bce17b0958f7e23

    SHA1

    1b5a9fed22ea82dad1e3f9b2d95e5a4dcc51bf97

    SHA256

    e34a7116f9587ef0837356aee4319fe8a855a6a3fe66c98545b26c195b589e09

    SHA512

    a6e12dce1d840543828abaebd49e1d430d9f5fd4f602c0460d13c688240e84fee75ecb933d7c02a7badf346d1907b730d19c57cfffd50b3ca02355b67256db77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    405cd51918015d2ee179aa14d45f3e7e

    SHA1

    043fb765d969d324b337926a80153f843c1e695d

    SHA256

    e4e9ff8fba372b3388ecb4f12c0d0bb4c44759b99efe920f66185eed84a5c2a5

    SHA512

    06465e4dcb08ae912404f47fde800115895b102e7211f2bc3434846208dfa66d56dd2a65a7d9fbcb886feddbb14f00d4e0e4c3d1d2c65cf2d978706e29303c43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b59d6d49171f556d7c8c9547f498020b

    SHA1

    76e68c0872911cfbd179706569c8c73458584976

    SHA256

    4c4f9cddb9e70290cca9247d5af8c58555888331d6e44a1c4bcee400615f2e8d

    SHA512

    84f94c4b4da82f317c4c84ecc7eb42e172c43563e9cf2825bb2c5e847030cc1b3cab862a8e4092a0bb56e29eb1354a3d43e466a6e41c4088c3a402e811718600

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c54614b79a5726949d0916c498f19bb1

    SHA1

    039025e46878daa00283e5a4d52a2a6af8dbf59a

    SHA256

    9dde80648d9d8a507a0493cb3a87325ddcd27bff16b629a01b95c8a5f0cb28f8

    SHA512

    74793af525ef92d5d4628627c9810839fcbb6ca68d46f27b70366c83991c8c651ffef9d7ece53434bdc0458916770c118a66311bb4aeebfdd96c3789d16db749

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca2b4b8d22426c66ae52c0021b524969

    SHA1

    02dea73c627ed59f4dcee7cd5eacca9673761ce0

    SHA256

    afc0371ca572ac8c86f692365d8532e3c0910bf31932640c9f9aab0907102f85

    SHA512

    241c48813e860ac3a4e5c03e81cd387cca4ae60d94a3e16812c1228afb35f7eed36bc5b12860f6a00b41446bd1ea86f2cb2fecbfe4a319b7e91b6b0cb0a719c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f22c61524a5172b5f1a6c2f399f78fb7

    SHA1

    ccf2b7cf3c99f8358a81a178718f4b5a17427a7b

    SHA256

    0aef94059d6a169e07b10d7b252d2d37d16ecaabdd133a2079a0966872e227b7

    SHA512

    c37fb07f907fd70ed907cab45ae9ffb0e0a12cd61f27f70dedf2c47ab3a860207d249f1e8bf596068c335305aac68cac2ffd77d44cd0215b643e816486dc370a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4843c33bad1234763ab2a7f9d215580a

    SHA1

    6a2795c02f50e5197f295e45459e33339cd925ee

    SHA256

    2ab315e0de476c69b0023e97923127420a00ccc019eb367e34a8a29d1ba4583c

    SHA512

    e2fde9c7685733840f500111542ac262de7faa5dae022f31db6aedb550adefa4ae1d0514824b2c0b22352324cc1f2be8619fbf209b83f40292263d9cdd5cad1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aff7cec134b0d80713c541e8399e281

    SHA1

    921c9a521a1349f6cd81ef4a8878a22a2576398c

    SHA256

    b7c81e7c4ee62441dd32d629afcfe4913b02f9b27fb18dff632c99021aabc60b

    SHA512

    2c2c53ac4c0d52a65b2fc0c16e72c427acd599d6e5724333b26b2c132327c9af61a470a0383914dd227e9868aea950b20b394b9a1726062fb2c488645c7bf634

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad0e8a7f3917b1cc8464401ed3804070

    SHA1

    3eeb154228d5bf7c9ed717dfcdc0cc1534d44085

    SHA256

    87a3a8617f49751ddac25182c42698501f0d08ac9c8017094c035ada50d9d60e

    SHA512

    27b49714f63dd38323f20b221a70e97b71b1b750f682bc750a063eed6a4b2148b634e5e7602deae56cb77439052781138796d502088d94dfb345c96cfc2577c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B3513D73A177A2707D910183759B389B_D9127F9BB4C9955D58AD28496EF9AD71
    Filesize

    402B

    MD5

    41d1070bb91297458411450489c975aa

    SHA1

    089f9a6d94529c00b874536c8243a457b5d0e547

    SHA256

    151c12380b79062c097a3ed07b4fc01bd793fc409b9fb0f166b2dacede458086

    SHA512

    914a2e1384e56d160566cfcaa3fedef7eebb05876f750539cd7ce86c6856dbe6e9815031a08434a5fb1caeee9750ec3a010173dc42da4871d01479a0246264de

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0qn8gcy\imagestore.dat
    Filesize

    5KB

    MD5

    a7e756cec05ff67bab16ce49c5789a7a

    SHA1

    2822e23604428631751cf2c8f3240b7237498855

    SHA256

    9935a57aa397dcab799951d14582308d2511a5cc35e3e52cae6131d4b6c4f3ac

    SHA512

    51040f2b79df9206c5b86f8fc79be25bfb64e1389c4f9fffdf6f6f3dceb6eecd81208401738a70a644c26601fe04abdacba45460d2edd5c7b02157106998eceb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHT5LGG0\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQFHO95Z\analytics[1].js
    Filesize

    51KB

    MD5

    575b5480531da4d14e7453e2016fe0bc

    SHA1

    e5c5f3134fe29e60b591c87ea85951f0aea36ee1

    SHA256

    de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

    SHA512

    174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDE30.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDE33.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit