Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

ccd7d5dcab...71.exe

windows7-x64

8

ccd7d5dcab...71.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2023, 22:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ccd7d5dcab9918cca7db7ae012b7265afec0bc9e184f0e25719f4fe14cf78371.exe

  • Size

    3.7MB

  • MD5

    1e2646e2740226fbeaaa274f4e03cb3d

  • SHA1

    50a2c8f52dcba98089f000d0904731ebeff92bf6

  • SHA256

    ccd7d5dcab9918cca7db7ae012b7265afec0bc9e184f0e25719f4fe14cf78371

  • SHA512

    f029f60d0a47fe7827e9a05f82c1b70239989ae5a138a2d506f1dc2ca196d09b713e50ebcdde564e318686fd24f84503f0a391486195a6b97a61b256d313863b

  • SSDEEP

    49152:d6x/NP5OJ7noS95X6mXfKezLGB+r5u8QeKxFOJxdb4vZKVH7:Udh5q7noS9h6mvDDKdzOJDb4v+H7

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ccd7d5dcab9918cca7db7ae012b7265afec0bc9e184f0e25719f4fe14cf78371.exe
    "C:\Users\Admin\AppData\Local\Temp\ccd7d5dcab9918cca7db7ae012b7265afec0bc9e184f0e25719f4fe14cf78371.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    d5cf27e32343cf8a5003955980f511a0

    SHA1

    ccce6ed6918c4092d85cbff47d6f7571b92abd04

    SHA256

    0d09bbda4cb1ae6ded24ee284cdbdd3d866ded0c3fbe08e6a6098d50a16992fc

    SHA512

    18584c89327134813ffec8e60a6a567231d05698b18dd81aeaf18938199dcf7bd62d5917dc37e3015d135cb14ea6b5407c0e7fcc32f534188b546c503e9303a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    47be287853c951414311d5c35430341f

    SHA1

    e6fad2b59c33fc26175886ab15e6095791c3bdaa

    SHA256

    fa89c3dcd007a3fd17d3dfce02ff1597892fa469a8cf8ec2cfb17369e9d48aec

    SHA512

    0a0092f2f7efeee30c98b60d3438cf950a96dfed2c4c5d2ed06e8963fcfac9d10fa20f1592a497725972304ba16935d6dfa3fbf475a74b9178c5f19aa324f8a9

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    0686402131d55ef9734b9ab98bd84156

    SHA1

    d0228dd79f3474addd700998193d34d76e45cc4f

    SHA256

    fe7b9316441bd40fff2aaf376400f2564c56c169f44139c44650eac0b0f756fd

    SHA512

    b61ff56db573411bdb6d310c6185d7033e75413818646aee5208e0279a96b73dcdf9d0ad13af8b6274a4009c35565822ba62f0822bd31b7452d51d48a7d56020

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7475.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7475.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit