Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

831cadcc5e...89.exe

windows7-x64

8

831cadcc5e...89.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2023, 06:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    831cadcc5e0cdea170f1af51e6b75480aaa1a105f3c9dbf5bc7701ae4da58d89.exe

  • Size

    4.5MB

  • MD5

    ade5e33216b041ffdd7f3afca43096fe

  • SHA1

    c202be26da92bd70feae12b53159f7702e12f0ed

  • SHA256

    831cadcc5e0cdea170f1af51e6b75480aaa1a105f3c9dbf5bc7701ae4da58d89

  • SHA512

    bdf3e1a81e4b2668ef13244c803bafd552957c3e4cadb93c68921db5ca35383d1e096d5a086b4be0036d2895a3684165fc22ccc415dc82d45549b2e7bc300985

  • SSDEEP

    98304:ZOLHzIDtxDSK2Qi26im50OORKdzOJDb4v+:qym50OlwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\831cadcc5e0cdea170f1af51e6b75480aaa1a105f3c9dbf5bc7701ae4da58d89.exe
    "C:\Users\Admin\AppData\Local\Temp\831cadcc5e0cdea170f1af51e6b75480aaa1a105f3c9dbf5bc7701ae4da58d89.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    865B

    MD5

    b39c5d9c9358ec5b8f671e1728560b39

    SHA1

    822aadc019ce011a01e6c146c5a4aa99051927db

    SHA256

    67d5e34d01d95ca421c05279ff30a163e035378c4d0e85fb40684f2e7b3509f6

    SHA512

    fd8ca311987992369f46d320fa49f70ad80c42d8170ed247869e5233731c544f9fc087a4ba91e5d081b3d9664752706a2b9e740465774ffd9f8a15836ff1d94d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    99705e8b3a8af84b7ad2ec050d3003ae

    SHA1

    40cff409e1229372d5c925a11cd87c914c0016f3

    SHA256

    d350b0e4cebb965601b356f69ef71158a8afc46efe9ffbf69ee2269c02968aa9

    SHA512

    a15467c452ef3ee417e67618861b61b9a69cb7275d42bb061e25be86e366e727309ccde9a2b3788e2c56a866f4ec563ca59ad40d981bd9e755b3b1581e63bc80

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    86cf04d9b3abb65ba0d057df214ee773

    SHA1

    4a6b2a68eeed5690a57610d3fb7802471eea3d6e

    SHA256

    f6791df53d8ff328562afc0262a3db93c5d9f7483c8bac1a3e92cfc47c488e84

    SHA512

    65d6fd31ed860f71beb7ce959449b91f52f2c2888005485bbe472828aaa113bbf83fe1619caea65326bbe27d7d4f8e95299563af411046b75af61cb754e1e7b3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb92FC.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb92FC.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit