Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

R.E.P.O/Mo...tor.js

windows7-x64

3

R.E.P.O/Mo...tor.js

windows10-2004-x64

3

R.E.P.O/OnlineFix.url

windows7-x64

6

R.E.P.O/OnlineFix.url

windows10-2004-x64

6

R.E.P.O/On...64.dll

windows7-x64

1

R.E.P.O/On...64.dll

windows10-2004-x64

1

R.E.P.O/REPO.exe

windows7-x64

1

R.E.P.O/REPO.exe

windows10-2004-x64

1

R.E.P.O/RE...ss.dll

windows7-x64

1

R.E.P.O/RE...ss.dll

windows10-2004-x64

1

R.E.P.O/RE...rp.dll

windows7-x64

1

R.E.P.O/RE...rp.dll

windows10-2004-x64

1

R.E.P.O/RE...bx.dll

windows7-x64

1

R.E.P.O/RE...bx.dll

windows10-2004-x64

1

R.E.P.O/RE...64.dll

windows7-x64

1

R.E.P.O/RE...64.dll

windows10-2004-x64

1

R.E.P.O/RE...ts.dll

windows7-x64

1

R.E.P.O/RE...ts.dll

windows10-2004-x64

1

R.E.P.O/RE...th.dll

windows7-x64

1

R.E.P.O/RE...th.dll

windows10-2004-x64

1

R.E.P.O/RE...ty.dll

windows7-x64

1

R.E.P.O/RE...ty.dll

windows10-2004-x64

1

R.E.P.O/RE...on.dll

windows7-x64

1

R.E.P.O/RE...on.dll

windows10-2004-x64

1

R.E.P.O/RE...3D.dll

windows7-x64

1

R.E.P.O/RE...3D.dll

windows10-2004-x64

1

R.E.P.O/RE...at.dll

windows7-x64

1

R.E.P.O/RE...at.dll

windows10-2004-x64

1

R.E.P.O/RE...me.dll

windows7-x64

1

R.E.P.O/RE...me.dll

windows10-2004-x64

1

R.E.P.O/RE...es.dll

windows7-x64

1

R.E.P.O/RE...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    20/03/2025, 15:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    R.E.P.O/OnlineFix.url

  • Size

    46B

  • MD5

    59bf167dc52a52f6e45f418f8c73ffa1

  • SHA1

    fa006950a6a971e89d4a1c23070d458a30463999

  • SHA256

    3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e

  • SHA512

    00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26

Score
6/10
defense_evasiondiscoverytrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    defense_evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • NTFS ADS 3 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\R.E.P.O\OnlineFix.url
    1⤵
    • Checks whether UAC is enabled
    PID:2760
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2708 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • NTFS ADS
      • Suspicious use of SetWindowsHookEx
      PID:2844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    08a3907bb27a714dd30f6d46bb5e84fc

    SHA1

    2d6f46d7017ce1c2fabbb5b7e742c16082d6a225

    SHA256

    7d30445355e1c48fbc4b96ac6613f2daff97e60a9847dbf7c6fce6c3542c2431

    SHA512

    15197139be93d1e0a93e15175b5ea59fe3feab7c92688065e86987674b834a83d3965aa5920818856437269354fa4a61798ec368fa4e8295c5162048ca14f987

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75b623a7583f021565d4e416b63092ce

    SHA1

    54956024c71edf9ca29db595d376cf68fdf5c470

    SHA256

    125bfd078b0072fcd2dc1ac4eea539547f014e01fbd5555159c45b953bbcb4e0

    SHA512

    fd7eccbec4d92bff4c7a553c39f99886e50b2a4722073d1b397ec3b636f30afc8de744110cdc6058c55828dbfd650ec119ed02290ac796d6c2d81e7163281c49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    592f6611e46676e2b8886e1ab792ea7c

    SHA1

    cc98d340e626fbc84f523c537cd7a34eed451eef

    SHA256

    57073811210b637b1d33476d371546191bc75b88f7af3a9a154c258a67f62145

    SHA512

    6d4995bdb3c86acb70cec9192f106ebafa2326b1aefa75507c6177ced041fda1720f61f3242e368563242c4ec76d6e441bdfd01363da8be26fe0484b8a9ae825

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    036a4f4b682e0f97f99bc8cc264b15c9

    SHA1

    2d764781b48b76a1fdd9b4a7c4dda12a9e4bda5b

    SHA256

    08cf703247d3d28d85856365e5cc580ea24dd92389557db4029628223b57bb64

    SHA512

    5c4aa236bdacc8c9d0dd173c0d448e2d2d598ddb867e0d00e5b3993b333ce705f97b9e2d4bc1945c8f6ab85a2113782b79dd94c8fac8189036cf4d23986da3e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91cb02a775c08b70218cc43b559ca3d5

    SHA1

    796c8e3bbe36700bca776f11ff1352bf810ddc04

    SHA256

    7581b81c0705221a613b282290bc99de8fd46e6c2c596999c131146a134b3745

    SHA512

    a54e947038908e662219c9726015380401f25abb4352c9780fd99a7806af2778331862d48506e510218c7a6a01c5143b36a93dab37d3ab153d17df229f09de9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    979a30e91469ef36da5d9ee4b13ae9c8

    SHA1

    80774dae2a44e0fce8eba18fa6b89d6217e97067

    SHA256

    4da2de25b60fce2bbf70fd7d45d4a5d938f34625d3135e1cc9cd3152b9e4af37

    SHA512

    5885e71b19886a494fc4a4969ca69a97905bf067f85d61613a0d302f90cb92be1f440a7fbf83d3be901155e4eeaa5e9fd815348bb499c5e9a0f09919ee7692f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcfdc5f44a9e55ba680f141f7c16a970

    SHA1

    43c89337bdb9231447fd8cfebe8f7365e91932b6

    SHA256

    1c8aab2015eb847072f2ec9977d1a57443bec27f12da183538be89269d23a40b

    SHA512

    a8f8ee03a816acb4cdbda4cac21ded2d79f4a39a7de878ec2b8d3f741f008d86f3e03749a0009f97281b16e3e23d50fa129bef6ef5bc59ff8a9b9bc0a2f29077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6ea4c62f3764d37151221b6107a9afa

    SHA1

    816f6a8e614cba5e1765b6aedf8b99b5c8605372

    SHA256

    6a534c25986106d3cb55a36d4eb9c3c4cfb8072d1451d4e2bf01a12be23052a2

    SHA512

    adc169ab33e3875ef48a7ea404c9477a7cf6f88be75d9448161a108a5f9da444090720f02da15791218a3079dca2e1011178513650750516d90538117576e3c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37d0956fb552506e62bf65e31f30fd8c

    SHA1

    94a176817e17372d2557a4fcaaf854cdc9a0a75a

    SHA256

    62c7c74eeea4dd69f686a5b3b3e773d0fdcbed0df3a737e7008b2ec8154a7f6e

    SHA512

    fb25e677b50579603f470e0842e75dfa4246e2c2152a19eaf01cb8bbdee737f1365da4205651e17ce40db291d3d22f9dee8d98f970c3a2452b5b0f67d281961d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ae2603c3b2baf9b554d36c2a88f71c4

    SHA1

    4bf08bcaa31f08b5a36f9e715417e3dd5842be5f

    SHA256

    d2f6c69e5c644215a8dd9c8c209ee68259ea1e492c5ad5dc116f82b01dca940a

    SHA512

    9a8cee012dacc05f759b1977bc7fd13190a2d9532f235402d4e00fac94d825c36e4c6a2c9f0c97d6a8ac762233241ec880b3491ba7a7ac33aca5cd827ed03488

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9318cb5dc3cac262dca8f2000ccb7f18

    SHA1

    c3b2e1541312447f276c2bdc12179c024e688e60

    SHA256

    2908c6d63b70a54d22f2aa71cc2197dc173b43f180bf34f51b94f095aae40fb6

    SHA512

    862d52e177bfd6c3a58acc4ace089ce9b5cc3392e5453edf225ecc6be294a6aedf4df5dd2d60fa4f9caaf1177b0aac4452963d495a3bbad69796d9d60ea5cff2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f02f7a5f35393107fd6af770c8982b10

    SHA1

    2fbe449c7b38d854c74fb29f8fe17ca2ddebba3f

    SHA256

    3e728275579e7e4f30ac405279390a326e2e1fcc5d1151d1f990597de200dfcc

    SHA512

    64ed9f328d81e2d19885159b0729e496efa3d19a161a64d53752eefe6555b6e0732ff6bda6bcb8806e95236d3be96d50ace38e96908490170f498bb24fbf158e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0eded52564ce1fe24a80f59587a45ed4

    SHA1

    483ea9c5135d6638b144f9cd6776f83f318014e4

    SHA256

    6212157dc8e58496f1aad9e4e5794673e60562d7f89add464cc5340e49943b64

    SHA512

    a9706d4f0969f274918d91d174703373d8d66f222929308dff22a47e9e7d951333ecd5cfe6bc437555a21557ed049964220e067ac8df54b8a8db08758474ffd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61c9a6a3d83f2385399289f8ac16978f

    SHA1

    51648102e96bfebc1515f6dcf0cf2797f7022e49

    SHA256

    1ab58a1dfd4f07ed7b8e15cad29917409da46ba42c410e3066c0c65cfd730589

    SHA512

    28fc05d2a6139b0c01e4ff0a8e187a83b6278cfe952489dab25745065c83114e49c5de542468fd0f81d503a8c1562e05358235818f6b9bb9df5fa68df19888b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    eb640d348460fedbe2658d82c927170e

    SHA1

    c13955066768fee9ab5c011f84cffb32c1ff3762

    SHA256

    8d10f54ea52b42acd1f21c404a3995818c5339fa99b8ca5db61b056b2577d308

    SHA512

    34695063708b54b97a28053a94d01135b9f9a94db0bec8f6110d6faca7a15af97886cfd19051b21773a13987a92d2fa0d541c1548a5d7e14fa6f28cc6e41ef2e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\M316IAIH\online-fix[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\M316IAIH\online-fix[1].xml
    Filesize

    356B

    MD5

    d5278268a21dab6a634554ffba94ecff

    SHA1

    2dc28966c0f07cf9a3ac9649a0d854f871972c63

    SHA256

    9ca947f97050c347adf679644695929a7e3752e8333a2d1c5f750e5370e659e3

    SHA512

    5debc0c9355dffe2bf315754865b7f081fbcf7d5a83ac4e77f3ca49b45913a9d9c5b45bc339e80d27b915a5b839fb66b0fee59b060403bfe6049feeaa98ae4e1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\M316IAIH\online-fix[1].xml
    Filesize

    2KB

    MD5

    354fceddf7f049caf2c224e0cff074f1

    SHA1

    4893f2f0252874e9850f37adab8ff88aa33a79c9

    SHA256

    53dc9f19362bfb785cec94843c1b0fe626f25f297769fb8cbb4ef6980386a21c

    SHA512

    f6cb839c5e7d9c37ea8e3968461f8334b5e5dd6d7184955fe3f2760aceca12ff03c08f7103c92c23752502a21761e4f2dd514453ebdb93c7287f82187737f029

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9fajjbh\imagestore.dat
    Filesize

    1KB

    MD5

    4064d3e2b3bc990fcc3555e5b5e8059c

    SHA1

    fe84494bfc182c42612b9466fbeaf529f15088a3

    SHA256

    56354c57c86144bee6563a94338b4641cbb287a979a5ccb3ec2737c3e5639d92

    SHA512

    7203712929cfc87e21ae8c53decb4ed82a03c3b2d91724a381b37d943733891dc6d169de005b2df361ef7b09d09af46f7f06b6feffe2890cd165fe67aa4f1f9e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0WBLVJY\favicon-16x16[1].png
    Filesize

    1KB

    MD5

    89db4cf9f3e2951f677919931ae16d12

    SHA1

    c52a7d97ac4cc838ed54ee9d2a682c9305a675c6

    SHA256

    c1fff90e1a74d5b51203f2a7b60270db5a105741217a3ce1d1a220504e43e96b

    SHA512

    5c7f06bbe108ac5915c303e32253ccdc78690f81c096568234a6a1f4c7ed8d2171266eec91139820bcf9222268ab90a9c79882b10a2a190ab81eadb5d61e7d7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC544.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\R.E.P.O\OnlineFix.url
    Filesize

    111B

    MD5

    57c7beeea7204bcbb6560fbbcb44d76d

    SHA1

    d1caa04c49c7ab6b43bbcbfada38bfa67622a02f

    SHA256

    c500ffd86849146462693e9c890cfe78b0170c0c8d97dfc6ea13d5eb5da518c9

    SHA512

    99d7ca8873703764cfd8be7da7699c4f77afb8c20d34c820651ebbd0b37c2293e40de1427f1ff82bd5b9af576d47858f7d92b05052c3e5a8f05fb45f7030fed1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC546.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC5E8.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wwwB157.tmp
    Filesize

    46B

    MD5

    59bf167dc52a52f6e45f418f8c73ffa1

    SHA1

    fa006950a6a971e89d4a1c23070d458a30463999

    SHA256

    3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e

    SHA512

    00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26

    Download Submit

  • memory/2760-0-0x00000000001D0000-0x00000000001E0000-memory.dmp

    Filesize

    64KB

    Download