Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

DEVG3SWyqK...4.html

windows7-x64

3

DEVG3SWyqK...4.html

windows10-2004-x64

5

Analysis

  • max time kernel
    32s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    17/01/2025, 03:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DEVG3SWyqKpJcgd9q4.html

  • Size

    39KB

  • MD5

    f41b82718cdaa9248e40191eeab8a78b

  • SHA1

    96af473f0ee1d6473aba290b8aeea715af6c5873

  • SHA256

    38df6a2b5a58884cfdc1ad6f6c2d644a85af9171abd8cd64cfe568c29988a300

  • SHA512

    cfc5aef9ce1633726058e6fd467a31e708e2d5a831792da3f9619cfc4544b55c12d0082ec63ef51231f2ea7fd3f9aee453b1ac2ca332cc42b427cf1af926dba3

  • SSDEEP

    768:mOIfRIKQFP+o6e47J/bj0OvqSvIePeffUS9+3oV3AY8iwY2dGJbtXDtebqLHIZ26:mOIfRIKQFP+o6e47J/bj0OvqSvIePeX+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\DEVG3SWyqKpJcgd9q4.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2576 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd31568a8c88a578e155ff1bbc11b6ce

    SHA1

    fa14119f457fc2a5b1753432e252c68bb2397282

    SHA256

    6aa03cd80f87313171124f68fcff12ea9923aeecbe81512422077f72d59023da

    SHA512

    0f84a434d41cda2bb7e2374e85a5853dc5877a8011f9202b10ebb2a36726498637a58a5487c1af9f1e957bed2057f9dc272936d704955396bea50d2a82696208

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d585f5ddc6c70c189fa755d90905e39

    SHA1

    9142a46238a21ad37d560db06636c1a1a8512d64

    SHA256

    6e424feb01340c55952fb127257b4bc5fdfa02ae5473de2c533735f899b354d1

    SHA512

    0eb1fceca2b798734575ec3f25e17503e3de46a4100dbf7a69ec9d03a63ad7afea48e5b4d30ea579be151c1bdf626f607ecbb5d39a7869ecc3ed088f1cc09550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    739547bd1d364818901435aacd2c0fa5

    SHA1

    297204862f8cd34926805a6eab5baa5faa94803f

    SHA256

    e99855342becd0aa1af5c8d64eaa33ad088b54d784a313b0ac8da1892fa9bdc6

    SHA512

    8fc29d2c11d8db5dba9d06d3bae9bacf099f18fb15771ffce2c91c496b44ce88d9d81e68a0fa22242fced4a6ffc95c456617678ad6f3190efd6120047c074368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f04c3d27e59a047bf4bf0b9a152d383

    SHA1

    d6f7705161c68912c3f21c5dcc0a89dee8b872f6

    SHA256

    0b2829c045b32871df8708530cba40c9b212c4b064202be6a7154b86b553114d

    SHA512

    1d81e327181476b53aaba0781e714739a16030cbb9e1481e8b46f008dce156887aebe8d8ff86cc7f3ba1d49ca2847f87620bf7ff9b4a37a5b4564a706cbd595c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c010b3d476e938a45f85909dea91d16

    SHA1

    389dfe2c76b7bf3263383b67bb99fa9e725303ab

    SHA256

    85f98784270b6ebcca97e7e015ec7c40b989be05114c091cab6cb3b674700c66

    SHA512

    c8406b57fbc36e254544eb5eb582e58cb1f1813590a3cefa85cfc2da3057a21c25ff6e08d0d0045a8fcf7bb1d777ba8f582e9ce0dec88ca658f60150d667b939

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3ecf2ab2e5c8366eea3e49a6c31ff8b

    SHA1

    ec238edbde603f240b60e553a0603602989927df

    SHA256

    f2f93d3875035b8ab738c19cf95530470e0a286d88a43105613973a7b5c04b0d

    SHA512

    7858113cccf3548ca47501c58ac51cd4dfd444ae713a4f1c7f1a710ef09dd50020c1b3fcd00756f40d3ff61d6a7090b9b475bb4ac17875cb9de1e3a620627ea3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12a4352ec344751e97b0f211fafe2e0c

    SHA1

    ed5f8593a97e6b0a072e0cbc5f68c0756b638871

    SHA256

    09ed46f60e1802998d29aa29e8ffdd374d21484c9520f629f3bcbbd7c89dca1b

    SHA512

    104b835eb8adabd60051c73083a5d89456cece0ed3a9ce4266e6bca804fa76eef310178115f90658f4d34cd3a3e703d149a30ac5009d3fab178eb2e07bbe71b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85c0974d6125fcd65161c5090152737d

    SHA1

    3adb41e04e470e855fba39ad470537d3d0650079

    SHA256

    4d8fc1692bd9978582f7d3adcf40b2d9c55a3c1c8f69873657b50d56fe365104

    SHA512

    a113e9c9698409d30a347888ad8343f3011213078c26b109388096628fc8af4ea5f9017bb6eac0c21ffe0074a204ff11e313a593cd884271b06755b3d5a5e4b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6b097aca1a5526ca6abc28fb45d02d2

    SHA1

    c36f9a5584a133821273480db41e8a99cf9fa322

    SHA256

    44595ec1ed8e29c471be5758e25ccc4b7670739cf8a74f9592eb6c25bea427aa

    SHA512

    9a80a4e027d42becf3d18a2ef79b645872590afe0408e2e8ab243d91e5549baf72035ed1780fd6987a279bac0a15b37722443891f5017346833c4c36489d5df8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6D7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar738.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit