Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

About/About.pdf

windows7-x64

3

About/About.pdf

windows10-2004-x64

3

About/eulaLic.html

windows7-x64

3

About/eulaLic.html

windows10-2004-x64

3

PEiD-0.95-...le.bat

windows7-x64

1

PEiD-0.95-...le.bat

windows10-2004-x64

1

PEiD-0.95-...in.vbs

windows7-x64

1

PEiD-0.95-...in.vbs

windows10-2004-x64

1

Loader.exe

windows7-x64

10

Loader.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/01/2025, 12:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    About/eulaLic.html

  • Size

    8KB

  • MD5

    a729d63514511766fcdd2de19cdbd017

  • SHA1

    737827e5c0ab0adc287d3b3bb16d26a9a42f0939

  • SHA256

    6dda16414ec5a7f6908f6088ea5edb7c67b024c3f695fbf7048ab823bcfee728

  • SHA512

    ad6bc65c950a94383f3f1d987508d22167343db632412b74d4734482916a7c18981dc8d84c57109f0882f6c5c6f280db876bafd24837f06996614d1bb9ce6ee2

  • SSDEEP

    192:HLFjO9B8eBfDX/Ek8IFyMlgy/RVr1YGrtsk2whjPYwWkpeFWlMddhTdLVxFl/:HLFjO9B8eBfDXoIFyLw1YGZsk2whjPYL

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\About\eulaLic.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2164 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a5b9a19cdfad3773ed6aa3b8e22dd3a

    SHA1

    49f9e63e4416e37c5c8310e243ea186762ec2426

    SHA256

    aee3d70bf34a94ce0d7ecd70d98895ea385545ccf8e2887c6e98751e72142867

    SHA512

    a0cbbc633fa3c748fbff1501f887bd5a5c4dfed193c4f27beb3bdff61c0648c7c9f57f4ad196c3d2a6284d61dfe343e1f70c251ff09fe3711c41e21eac4d82cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9150a7f1f0c065de8ab139f53265ae0b

    SHA1

    47e9b991eb8d279083b1383078f2aadeb4952c83

    SHA256

    66dc92781f824818a4001e3bfec7adf1d485e995860114dfcb4318908faf5a40

    SHA512

    26734bbb35c002ef366a983ed1fb66d191f743355ea25984401bb74bbc98a862282b3d0544f75c747d4034b08e3305a7e6d448bd5e0dba126f53c4fb12df58f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8879d65084c394924908b098c033cf2

    SHA1

    e2acfd8143d844525d24e89bff671234aec8ff38

    SHA256

    d4c63bd1b6d951d1924f8d62cad8afb47cba05bce19d03c8e3a21ca963291f03

    SHA512

    e1f8dc9dd6ea0bc2850c95c857db4d12bef1498985118d888013318deb2a1a706f649decd5be517abe0a5ffeda9b7e7647350cae3095bdbc0d135a1f9493c769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c2718cbaf35bdc9080ed72ee3d04aa4

    SHA1

    0fbee725ed7538ff7295b68c0575202118458e34

    SHA256

    fad77b53c9ffc3c55c02e42962792efff77ba4e686a8431c75c17d2976bcc2b8

    SHA512

    9af58a2f2f873bf860b162b6671f7106b88138d0a8b9d33f11c6ffeccb493363eaccf708c397d7148bdd8834d5b0191c839848d019532a9b1dd8c0ef9dbd272a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8376716de78bfc1d439a0f4928d4290e

    SHA1

    a6fa4dcab503568427189d4789ff63c2d92dce04

    SHA256

    e3b3347eb3b6683481dd826ea8f9a98d0f0b663784acf1a646591af23970f963

    SHA512

    a2dd9802ce3c97a0bb57d66da3e54e39cc69051acb431d6a16accb18f5c59bde2c318961b880c6de66f7a35cd35ff0ce4ffe52c2e7e639fb02a3e7d651e2065c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e805d2c650eb20dfbd846e4b60dcbf67

    SHA1

    84305caead080ac0b5971a4aeea223f25a534c15

    SHA256

    e5028e09225bdb7a4db539c2e0178db84be11417346b3361a1e4b1243e534dd1

    SHA512

    8ded162136ebde73723607e148a5ec8109eab4f481ff3634f9d0c3d99c3a4504ca941503e2c8d52c4fa4a8c69f1726ee7439278fa9acf274f71845edcf56701a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75b864ec0f77d7a3beee7e4373641905

    SHA1

    ab325959b60116a6f32f4ede4ded724f0fae2346

    SHA256

    dc4084b49a8a431335d5aa2ca1024822efb087bb5ee891e1502fd4a74d528396

    SHA512

    803bd793cf3660d75c98fb5022833c989ccb6fba84bd3c7a478068e5f22922770a12816d1a642f194dc3c0702ee7703cae92482595ac24b42c5c7e362947b143

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99142ec68e635acfaf1d710efeb47bf8

    SHA1

    8a1383bd983566edc64492f6d1479ccb45df34d8

    SHA256

    172addfa0421ebbd44eb14a6fc3eef7af46f60f4b13db691906a3fe36cbc4e46

    SHA512

    0bd87a66c32c29bc020377a5213caaff2d4914429ff44ccc724a27268568e0962280086fd66d95afa0b011e47cc143cddb9d9f6abbf68d99cc0acc1a43247d80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01a03d551a7e4fe8b4516b40688204f7

    SHA1

    007dbb124a439ce08dbd4f10db0592bc93188916

    SHA256

    eeaf25875bbec445068afd6f3717900b62fa0edaf68782dea79b86ac897a0331

    SHA512

    520c02dd6ec9625a8c108566a19c21aeeb640cbddd7b44a531ffe5eacdde6e062948a4795ceacdea6dad335b3e8563d955bbcd1371cda55d23b0a2a01e081a89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f86961ecead69816a0360ca2f9091a8

    SHA1

    d4fbb9602a476b37b7f5ae860a07ea1267056290

    SHA256

    18cbdc44fa1f9cde7508942c2fbe0bb518dd35b34dd17d5bc169914f5e8cdd34

    SHA512

    864e92dc05f2a9b469c0a60fb6ec74eec09e5c0e229e02c169e7994839ace1eff8c01b85b78f7b1d3e49c80c403f5c30d05d761e958a7e58db16e8e1446f97bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cf23bbe960cec8349dc72cefe0cefbb

    SHA1

    dbf19f0ab7b54b7b6bef38e49e55423213f89090

    SHA256

    d0694938dd3a4cce4acfcdc3290fc028a9a174a1c69611cc30d2253e9ccac35d

    SHA512

    b0769d4064dc1df57ab0f87b1140511029f31a009a2076d19aeeb7019a13906cce6dadaf841aeb02d1e3bb9c09b99e4bf74f4fd0b41aefb1d4c16081860353af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54fce933fc4e68cad90cc9bd9ebd65d4

    SHA1

    5cf44036cb0261464c8f8ff0eaabbb59671e0b28

    SHA256

    adea780b31bae56892af7dce44c1a8de530098c265806e28c6369fa6807e14f5

    SHA512

    b3c8d859d08d9b39da010be2bde50f64d9af3e03fd6ba94435b206082cfaa3d5b918cd426e08b32d07f999cfc0d14ec5a2339a0eadaa393064c5498a6d134508

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4113ea2f2e36cee5b8eafd2a3d561b5a

    SHA1

    15a362a49c2fb065dd5d43daf54ef865819de0a3

    SHA256

    bd05db8ce15963a070ac2b2ec90904f1102bba9ac08affccb7c0b543c64736f9

    SHA512

    3a4f0ed8bf08f439d5f4222e25453a0d9f1e90320b429480c4b1efd4adea7b198dac7b5122b9fe6dc5e8083f4c7ff10a9fea9fc9b127953392db052b97e0631e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff642bbefb5b533c73ea8c41d53b0ee8

    SHA1

    2d53cf52c011176ec8c7ba98a61cadb3067c5110

    SHA256

    dab0610e7147176ea025ef12a8bc6c63e08df573375b0a199874567115d03bdf

    SHA512

    7a97302511a739854284dccaa0a185c26ec014a9add6f798d09f16ed6b42d18248d41a9ab654e456c1adca2c8549e87e1977ca1cef1d13aec0c68a51fd2e940a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    856284e1f62d047f855abd79ff1d5f02

    SHA1

    c1f2ed126649cc967b53d8fcbcdfccc15930437b

    SHA256

    00321494c0562109694a7733050b383bf2abc42dd77fe8949898dd47759e4138

    SHA512

    b1423948d0db2ba4b1d19b788a86638a98829ed339242e483a49eb89465152f8a1fa61af8b896f06232233ae11dda02478a3148f580ac4de719f5f78c581a998

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c95de8de259b127f3e657198b00cc62f

    SHA1

    1aac1f07199884afc365cf2081cca783cf98b276

    SHA256

    a956bb78e095b97d362018f42a40875938f965cf03d0364097c2d3b945677d55

    SHA512

    30c3421b833e426683015ba03c1f2d77a64de8a97878906c48272c5b676084a4b8ece7f036e866c7de7756ec75d1a6d262b7c557b180be77cfbb48da61ab805f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4d66bbeeb955e577d21609471aa5750

    SHA1

    d5ba0fde157d8bb1f8353ff24a0a5ee646ec3db6

    SHA256

    70c061fdbb7a4245832d78eac1cd565fb7b7232d42fec9f599e36d0da4992af4

    SHA512

    546662c5e94bd5ad5ad11ef742b0c6cd9e80b218880edcc9e5de0102a505ccec8808d3305246ec6ae445f990aafc8cf87c2ec00a484850471adc4d52d44ddbc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    676cd234f600de6cf52cfb90820aad2a

    SHA1

    6923105323728bd147e9a35b6478b6eb1c7e0b8c

    SHA256

    ba2b1d68d5bd51f176d82cc1e620a8fc3c505ddf40b13532d621bac7e55c0986

    SHA512

    c5e0595c84d6563e2437136219399b038d1cf172251fa8ab124fb2b77c392b5512d679ee64394947214823aad1bd7ea249b2225e53f96535277525ac2157ce50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53c0626edae88747a422fdfe0235cafc

    SHA1

    50aa17d851556894090ee608f350644d12764741

    SHA256

    79d8ddea423141e22c49ff8578e041268840eadb556be2fe9ec26c67501fa7d3

    SHA512

    f79e695a133488415f2f92dc7fff16e1de3b15a1ed75455aaae0f627d8d8e231638cd37a8917a6ee92eb4bacc817b51666126843fc6059eb7588ef998f029524

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFB90.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFC6E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit