Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

JaffaCakes...4f.exe

windows7-x64

10

JaffaCakes...4f.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

AKV.exe

windows7-x64

3

AKV.exe

windows10-2004-x64

8

HTV.dll

windows7-x64

3

HTV.dll

windows10-2004-x64

8

HTV.exe

windows7-x64

6

HTV.exe

windows10-2004-x64

8

HTV.dll

windows7-x64

3

HTV.dll

windows10-2004-x64

8

HTV.dll

windows7-x64

3

HTV.dll

windows10-2004-x64

8

HTV.chm

windows7-x64

1

HTV.chm

windows10-2004-x64

8

HTV.exe

windows7-x64

6

HTV.exe

windows10-2004-x64

8

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

8

qs.html

windows7-x64

3

qs.html

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/02/2025, 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    qs.html

  • Size

    1KB

  • MD5

    40d00fa24b9cc44fbf2d724842808473

  • SHA1

    c0852aa2fb916c051652a8b2142ffb9d8c7ac87a

  • SHA256

    35b0f1bb808e1623ad534fbc1e72cea25ac28f71340e9c543f01d1bfdd094035

  • SHA512

    9eb750e08ca9750988290626ae8ed32a2ecfa7c8ca021b3e26b3da0a94de952b991a9a6a0ad5729d7d5ccf7b3b36fb36fd24047f705d0468ad04908ba8a7154c

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\qs.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:988

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdd68875b162054bf59ac9bc4cc15e6d

    SHA1

    099d5305ca4d20ff0b6e299ae1d0c953268faf0a

    SHA256

    93562e8d9216bd78f8c84774fcff5b05976463f54c9938ea8bd6a15d02236a2a

    SHA512

    a73b60eec6b3bd21208dc9aa4552ae9fec1c11238e9192dd0c21959208285d8d099455de985d222c9802cb3cb72d1e06ff54632f62465a9e28377a6ae69f45a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa411a862b2a09cd9321dcd582b3f11e

    SHA1

    a05f214249b1a80a98d8361885b672a273b3f7b7

    SHA256

    32d5a8d0b07d7a87d6a0030598895b11325d8a6b1581ac5be5c4d688f878c2fc

    SHA512

    d702af72e6030c7d4c9e95ae890c405882871d34a5dd886a44ec3a14d364bbd144829db69733a724fdf1d33aa0ea8da2f61d08b7d0ff7188f4904ec30e227c10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2377cc34870af3ca08700eb02a6b3c9

    SHA1

    bdddee57a869e8ef1ec8c63ffb7103891f23a8e6

    SHA256

    d60c14bb895e123aad7a8690753dd6efd08d9af5e845ba67786ea1cd035b8f41

    SHA512

    c4568b9cd8acbb9722c54dd9540c3217b2eaf7c4d2ff679de6d3f2b18114faf67b7ae601031d411449270ca5dc615d662f9c8f5f2315957c602163b6924c1b95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d8b476ce4abf13544fb03cc76331de4

    SHA1

    2b2f1e21c8230725244e342fdcd9207ccf388d70

    SHA256

    5d92a58ea8dc4618cd568e7bc351ea3993894ad5742daf0d8d252a86a90948b9

    SHA512

    8f2f397888f2109f9ff2595ffaa5996b6c843f9d52021b3515a783cfabc716bc436e9055d99c72acba74a5ea7f4597e3790098bd2fcc3c97d53f94feb1939996

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e2eeea1175f38f5bb6c921d699b1335

    SHA1

    841b11400c1b1fe8ecde922280944f9a82912995

    SHA256

    ae5ffc0ed23ef65901c5a8f15d313ffb04227e38bb0f1213fb2176ab7f068ffe

    SHA512

    3d07f368178ef85cdd4eacf0b026367518a21a6750e9f94af794d16a81456bc1f66d1659ad41156bb5490efc67a9bda2024fc9c438022f24a8f8da12f5344cb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1688f96b1356464b66fcec8ce2d7d2d5

    SHA1

    3540a100165e1b520669fa30005dd28f363664ac

    SHA256

    04ea434cfcc1af0aceee9931348025418681372827ada2773dceb690afe54bff

    SHA512

    8d4e56936fb2bc2f7f96fa21b25929c4ad98b5b9b063a97515abeb66f64ff6bbf06fdc80a0fd5e3a19641be8f7d43bd8dce912e393c60cbb17cc77bdeb829c8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59d53d1b51012f5be7a4eca551abce0b

    SHA1

    68db23d2016d351364ddcbb92d5c7697e2b1da51

    SHA256

    a9bc6fff655590849f3c1da0491abfbeda6b4a7ba0638cb1225f66979b4bdded

    SHA512

    de83653e9f0eee266014d02d6e44cb960f4b9e8f07941144c3e46a150ec51509999616e4a86e026eb7914c780cc6360ddf2c2799c18b12604ec51eefae53e0ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3148566887d26b8ab66c5d0dda6750d7

    SHA1

    3786c085c795a6fc81bb7c83c2d3856921fa9976

    SHA256

    83fa654c056375687f5ec1368d94715d739778004b393dd2ed01f4a013ed6329

    SHA512

    5c811208038b53af37acad7dc24d5d6f675b366ba53aaa2ee177f77028eff62eaf07c7ad564428bf9f22d77afb95394a56ba5f0d18bf3184c58ce9980797f536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27f0755a2657981eb911760a13fde940

    SHA1

    1509c3b54d64df1a6d549449b75ac995a184bb31

    SHA256

    7c4dbbdb645abec51441137d9945b5684f7eb0a41639e0c947a5862bbc7afe81

    SHA512

    31aaaadd2a105bde64de321d90dbe9ae3a54f0fef61b12682c5fa79bc1d07d8fa1eeca77e5f795185188623669494ccbeb13e403f9cc572010b8711b846e18fc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBD5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar102D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit