Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ehehe.html

windows7-x64

3

ehehe.html

windows10-2004-x64

3

Analysis

  • max time kernel
    30s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/11/2024, 14:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ehehe.html

  • Size

    48KB

  • MD5

    91a9df74986fb85995081f8ad5ebb6f9

  • SHA1

    22b3ae2e0fdaf3af7e8969bf3d3aa4c128680c7f

  • SHA256

    02c0bbae36eedcb216e5e02a96ee2a309e375dab09e6925ba5bd1fa4b576384e

  • SHA512

    37ce451372ecf374e0a4ce3e3645c70d3977342fa5fd0304202728488731e9a3d95f53722e6500c0ef496ec7137c359c364a37e8f41c19117378ed60c5a77324

  • SSDEEP

    96:germrDWKoifuTW3/r+bu9xLuEO+bDHiD5ziV6MW0WrsK8etxqwqvwhg/e/1nnzy3:lrqne5TyYoHyH1kF

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ehehe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2536

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2880987d7c8438d987457dde33a3eda

    SHA1

    9417f3bb9f20314eb8efac9733d6cf6a3de180ae

    SHA256

    c42722a445134f73e5d4c375faf85c809939b114e9599eae7298fd8b6eca62c2

    SHA512

    1a726ca06ea4454d6fac4469cd1316b9bebf2f10939a8ce94a445861711aa352bbd580497d0a0b6c5623e1f27b342f86096f1025f89a6089e8c0a839684b8fb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9098efafaa108062ca1e527e836cab19

    SHA1

    8f7b96ccd44e06ef3dba7a64b06a28a877074c73

    SHA256

    8848d8d872d5dce4ae8c9bc9b2824e57efcc99c82f716bacbbdbff1f4cf5e7da

    SHA512

    79ecbd08c6ee749cb2f76b5558ce89ac20781b9b87911f8ff29e4298c22f7e918aee5c7cc2e948e216df7f81711a7abe2f23681c2da3967e958ba5b21b2a3e77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff06167b477e92607ab8f936837d9bc7

    SHA1

    9ba361b935338d3520b91d25df7017753d062543

    SHA256

    8c1250f8e270663476c626e9981a6b996716505fa2c4bc49a1d6f63cb46e9ce7

    SHA512

    b78eb8689279f7ca01b032b6d3ca50824c85deb26bf4ca5b570b484b1dd8794c1effc836bccdb8c8fdf217983937968481aa2768495048fe8da1e671a45ead45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ed1d97ed311f65b8b7236bd57dc7405

    SHA1

    dd3a1207d1d12b25f75a53ff910990c9912b547b

    SHA256

    86139c1210186a98fb4d3393fb56aced469409191332e007952f3fc4c209e9ab

    SHA512

    d20b16b21e5d5530977a56cc8f1505fdd14c25dd23a08f75e85a6f3fe27a9ee6ec25fa395381dc0bf6e65f5115d82b5cd4a6fd0125f4fd818267244603b3f60e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f64e6d3dc2cce50efadedd20d2a56a61

    SHA1

    68ff3b97c342f6184f13deac9469345701cf8207

    SHA256

    f077e4e19de3a3d7885e773cbb78a9455433ed86ee8196e689c6c24be6b9f2ac

    SHA512

    213cce89a5ddbefd420695fba8eda8c331ec1eb9054b1ad8176d1c802a97f6d7f759cfe3f5994c84afab14cc8cd4dce8e2332d5d145e135eced06a51b1300953

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad64c815065fa6d32e84f254f589f25e

    SHA1

    3ca2aabb053e3857b56e8265362587773cf1b0e2

    SHA256

    55df06f45578cd10490838f43e787b37c22d6527915e5f4614f1e34040263284

    SHA512

    637ec2ae95ac88485328a30622e74161dd63b7a188023b12513042c18c3e68fcf7e8ea018d8269d06190eab66cf640e9e25af2d2e2a71df9d2129ac349167abb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12abf9ed0ab6e058bf783a88c9cd7d27

    SHA1

    151608f40e244835b8d80fb9df050a89d3e91cdd

    SHA256

    9e65f2cb776e74b8c6c66a166b88167939f69705c7d55c2dac6ef97adcc017b1

    SHA512

    4b8efe91e70c5e065a6765248e5dd68e6f673462ce59dfb0eeb4b5181a523d9dfcdc08e744d1c142cbd5a971c2095940b79bf6dac7778ffd3db5b56d7320bb2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30d1a9ea22986ce7b2f7f5892bbceb34

    SHA1

    f4a8479f892b99b353fc38539a18b9099e3a342b

    SHA256

    3dd8575f9f5afc99862ee4479ebfd4c5bd92a3db20e84f3b2d6d1ec2c0f7fbd0

    SHA512

    96f9cc3e9ad76319d1196f85cb56d2ca7cc075bb5da5706fd68656fb37a9e2bfc025a2be624d7e467c60a4b8cc6d335e982f51b20046c2e762122dbad4299476

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b20f258363d1b2ac128d41cb33527103

    SHA1

    6e8a6a20821df29c20b6b3ec6eca8fcd562df1c9

    SHA256

    80f03863bb8c8649da58728eaeb99bd9b943255abd39295c6bb01322584065bc

    SHA512

    5cec83e63230fbd810133689d5a99d9989309931b2ed2614670b2eb6208e7dbc002576fc9c5965c4bc836649c0ef470745830033c23829b1302b9e593851862f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC093.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC162.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit