Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

R.E.P.O/Mo...tor.js

windows7-x64

3

R.E.P.O/Mo...tor.js

windows10-2004-x64

3

R.E.P.O/OnlineFix.url

windows7-x64

6

R.E.P.O/OnlineFix.url

windows10-2004-x64

6

R.E.P.O/On...64.dll

windows7-x64

1

R.E.P.O/On...64.dll

windows10-2004-x64

1

R.E.P.O/REPO.exe

windows7-x64

1

R.E.P.O/REPO.exe

windows10-2004-x64

1

R.E.P.O/RE...ss.dll

windows7-x64

1

R.E.P.O/RE...ss.dll

windows10-2004-x64

1

R.E.P.O/RE...rp.dll

windows7-x64

1

R.E.P.O/RE...rp.dll

windows10-2004-x64

1

R.E.P.O/RE...bx.dll

windows7-x64

1

R.E.P.O/RE...bx.dll

windows10-2004-x64

1

R.E.P.O/RE...64.dll

windows7-x64

1

R.E.P.O/RE...64.dll

windows10-2004-x64

1

R.E.P.O/RE...ts.dll

windows7-x64

1

R.E.P.O/RE...ts.dll

windows10-2004-x64

1

R.E.P.O/RE...th.dll

windows7-x64

1

R.E.P.O/RE...th.dll

windows10-2004-x64

1

R.E.P.O/RE...ty.dll

windows7-x64

1

R.E.P.O/RE...ty.dll

windows10-2004-x64

1

R.E.P.O/RE...on.dll

windows7-x64

1

R.E.P.O/RE...on.dll

windows10-2004-x64

1

R.E.P.O/RE...3D.dll

windows7-x64

1

R.E.P.O/RE...3D.dll

windows10-2004-x64

1

R.E.P.O/RE...at.dll

windows7-x64

1

R.E.P.O/RE...at.dll

windows10-2004-x64

1

R.E.P.O/RE...me.dll

windows7-x64

1

R.E.P.O/RE...me.dll

windows10-2004-x64

1

R.E.P.O/RE...es.dll

windows7-x64

1

R.E.P.O/RE...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    108s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2025, 21:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    R.E.P.O/OnlineFix.url

  • Size

    46B

  • MD5

    59bf167dc52a52f6e45f418f8c73ffa1

  • SHA1

    fa006950a6a971e89d4a1c23070d458a30463999

  • SHA256

    3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e

  • SHA512

    00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26

Score
6/10
defense_evasiondiscoverytrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    defense_evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\R.E.P.O\OnlineFix.url
    1⤵
    • Checks whether UAC is enabled
    PID:2896
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcc78c42296990a5002b665e4eba69d9

    SHA1

    cca09c41740bd01760ef3cf1534ab975c0251ae7

    SHA256

    3bcce1f4f0ac93d27d94a5d1fa995343710b4b4cfcee99b3858b59cf3732fa40

    SHA512

    cbd760b5e77592d09066e946fd2e0e75ac5dcdb12bd9ce5364a46f2bf8aefa431476b3e8c99d083ed17263272cb5ccd9e55967327efd72a0b74ec90c898a29bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a68b57789437dca5fd0e4f5fe4b133f5

    SHA1

    441663c4a885a7d95c235403052daa16a51077ef

    SHA256

    9c55b6eae2f3856c71ac9720a39e19f6ce966a4fe45bc0e19ce24c6590a4bca4

    SHA512

    483904df457d358e1f7e57950a337cf4f8c0f7f27d25044bba6b6f04bb0ad7396206cb77f6815bbe3723662e9670b25f89c61deeb82abf1f26f1c726e017de65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7387dd4a3c840ad3707e42bf88116722

    SHA1

    86f450fa8af82ce4f7a28a801a1a91b606bb0cf1

    SHA256

    fdd5d85927bd1410af2752356f4cba91bc0708b37d0f7d4860bb9999845b9dc4

    SHA512

    92bd9ff780b0beead70a3bfafd564bb0faa2fc364b9b712ce26db7909652895665d410bcabb7176993a8f7aedda247f87e2cdc70d13e4e6a3dc01a189d40a372

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    012dc0e4f56a49eb570de1263c0b1ae5

    SHA1

    f3f1ff943e76ee97cb35270d340856f28a4feffa

    SHA256

    233394781e8cbb5299d39e6756b70b109bdf459a62fa3526afa9d3c7594d4d11

    SHA512

    fddb0ad447ffefdbaf93d012eac03eafe880295ba7199990d2a86dd7fa16c2f06b55f284852fd5fc471d42de37b4c1d59febb0fb42c1808c3080f5d4a521c17a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef596078207d01da0b3477a3e074fc73

    SHA1

    85b990d9f72083505f8e47352a06d689952b1af8

    SHA256

    404050b8d08e3fa0c94ba88f024cc97ff55785c0a3684dcde2ac5c9cb1a797e9

    SHA512

    79979cf4a030a0a61bea15e4fa386b87035360a0dec4b3a9ab72aecfc16401e86e882bee63b36aa6959d51b6b4f005b6b35c80d4fca6e209a977ba39122bb650

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94217dc5b471196c8a2807bd41202324

    SHA1

    1ec2c605321c8cf6d4bbeaff20aa3f9aed4b21ba

    SHA256

    13eb5f00d0fdb454974ab0b65f0093927080f3e6865a6e6bee81381d16f98b98

    SHA512

    7e73a500b4a57b7432e73330a5b98b752e7638f22a2335e2ed8f555dd19e9287c6f5783c728e24ec0578004b01e7a9027fe5bdc4c35cb4927adcf65bff14528f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64ff40b3b2e0cf3f4986008ac11e42cd

    SHA1

    e9ff52038e3b0349ccfc1bea6596895aeced7c60

    SHA256

    aa770fc3484e528df2397d4e3e70646d9cb4a46445f39b641be8dca869728d93

    SHA512

    a08ae4714a111f3927ed31ef39cfb5378dd1ec334975e0207dcc58371a956dcd4e0d1052d136ae8992674731ad000ff11f6781e3a3b6ef07da26447ee12b051e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6a2f9b6ad3bffbc99a2fd98fe7bce7c

    SHA1

    5d3a7012142208d3bbef34105bcf454dd616dd76

    SHA256

    e72bf5988f91ca7a3c294b464222087fa179d52485a352aa7c9663f3717cb390

    SHA512

    516b86697743e15a2bb2e0646552f82b6d66327e1793af3ba5f93cc583f6cb2d4c362709c18e9d4ac631fd50ecc9590c7b75f0393c57593c0182b7bdf59aa50e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fe5bc7a6c882d430b31ce71a5a90f07

    SHA1

    12e225e0962cddf5c3dea1b636443d199dca4b0f

    SHA256

    8d15cb68c3576de6806fac20ca9fa7055b32c2248bfeaf0305099af502d99a55

    SHA512

    cb628bb853b1601023905665ee19c29fd8fcd1ccdc872202e1c378f8907bbec1405228ba6ad6c103134f6c6e8db3fddf0ddaa75f65ad5945798125d2d80f4d0e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab67DA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar68AC.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit

  • memory/2896-0-0x0000000001F00000-0x0000000001F10000-memory.dmp

    Filesize

    64KB

    Download