Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8dc6e09591...bf.exe

windows7-x64

8

8dc6e09591...bf.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    123s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230824-en
  • resource tags

    arch:x64arch:x86image:win7-20230824-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2023, 14:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8dc6e0959190d3402bd994f9c575e836401d41437a757c931c7c389c66a83ebf.exe

  • Size

    3.7MB

  • MD5

    8cbbe99b38ba7afe9ca01f8daf6c4928

  • SHA1

    82a9825365d1ae31408d950d5b04d0d8091878aa

  • SHA256

    8dc6e0959190d3402bd994f9c575e836401d41437a757c931c7c389c66a83ebf

  • SHA512

    8a10933f124d61f2930dcb8d2f4f4f6d231ee69bce72cc9b7b7b540cfda8ba9d1490c975535d4f0306fd823e2b225e514ba57f39a369aa9a3e16d94c103b7322

  • SSDEEP

    49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8dc6e0959190d3402bd994f9c575e836401d41437a757c931c7c389c66a83ebf.exe
    "C:\Users\Admin\AppData\Local\Temp\8dc6e0959190d3402bd994f9c575e836401d41437a757c931c7c389c66a83ebf.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    95860d8eb6bfe6f3354d695cc7067a55

    SHA1

    487bb022c99050db88282a8ab03dffdb7e8c8b8d

    SHA256

    fcadbd22b02109b45089a0820845d3a45e2073df60e9085fb4ae92c25117ee2c

    SHA512

    0601f71b700daa7e461f14925f36aaf3682f4bc0d0fef0d69b2cca99e08e31f523c90e0dc950bdb0cd9c526c9669ba5435589e012a8ed1b5d894edf360387bc7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    4cdb58080e669e2c6c12fffc85315b17

    SHA1

    1281aba9daa3aa48cd6f9cd28aa560bdeed2aa8c

    SHA256

    7c6e239699946cfa46359101ed0a38b80153d94a66f00da25495de13de243286

    SHA512

    3b16065ef27c961ee23c2e8f86fd1b19eeb1104f71ab592044f2e8493dffaaf60be551c7948f35f58279c4bdedb66c95e472f0eb05caa3ca8c28d3fd53d3472d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    e0f59700b608c1f8e93cac6ae1e7a54a

    SHA1

    5ac036c10ccc534c9a0fccd1c97f52970f8a3ae3

    SHA256

    2a5b4f308424f0b938eee5ab1755c86adf54e5f110d5225399447c62cb547077

    SHA512

    c905140971cb765fdfc6fb7c4c797674c70020e2653a927ad20035f2ec6ef8356555b866f3d1829ad237aacece541979624eeeea22a6860cbd2ec0c0391dcb7f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybD1EF.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybD1EF.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit