Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

6ee60b23f4...04.exe

windows7-x64

8

6ee60b23f4...04.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/09/2023, 01:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504.exe

  • Size

    4.5MB

  • MD5

    26a143057d3525a10373c15278aca979

  • SHA1

    63c91319aa57f64c16c673c7b57a3e78a19a8314

  • SHA256

    6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504

  • SHA512

    3cdccf8512b19c50bd042ca4d98658175ba8b79997c522c0e640506ef2bcb5d5d40a176fdb222dc85ecdb4cd585a0d6c69c285684bdb0a0c466965fd7761f18d

  • SSDEEP

    98304:B9xEpja9gwFK2JcwtTwPAHqx+gKdzOJDb4v+:6p3tawN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504.exe
    "C:\Users\Admin\AppData\Local\Temp\6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    73ec6e14bcf4f156510592036ae9f0ca

    SHA1

    32a5ae48ba15a7dc6f95b7bd2803319025f637a0

    SHA256

    96de38c57e446bb674db3b75c83bc9d148156da3d0f85f1feeb94c1d1042f708

    SHA512

    ffb42459f6215d676025c9c0416539d2cf550c77ba61a51c8af33488a0d65ccfaa115be06a1738aed52d81c4f23592d9ff8123a41d2f6116012722af7299e62e

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    9609ee5d08980340cd404c23551a91aa

    SHA1

    42d14108092d8c9d4ac4120fe3f8dd0817cdafbd

    SHA256

    57c6109a70ccd79fdc68303d18ec9d18eac59c3f4e5f45e727eb160fb3e775d8

    SHA512

    a66964657c3d8d6319044eb7480d44851565f33dcfaafaec717bd40e266e1c6f7749fea421624d38e69662ee6c61ab2a23c08c5deae3a3c7e8ad67e2d35c9ed6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb34E6.tmp
    Filesize

    129.0MB

    MD5

    db579794312316aa1138d010287a5dd2

    SHA1

    29aa232b671ea24c281ae1e8e3f4e7620f7c2a22

    SHA256

    e5104fa04845b01df203c4fd295a2183cce1f688154ef23ed73fd7b000edcfb3

    SHA512

    d67ae84449d74b5d2426943c4debd381bbb9234f7854b55d64f05472f8de5f7933bece0084bad92ef700d87b902670d5794fcec697135b6d5c22604e6a8e687b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb34E6.tmp
    Filesize

    129.0MB

    MD5

    db579794312316aa1138d010287a5dd2

    SHA1

    29aa232b671ea24c281ae1e8e3f4e7620f7c2a22

    SHA256

    e5104fa04845b01df203c4fd295a2183cce1f688154ef23ed73fd7b000edcfb3

    SHA512

    d67ae84449d74b5d2426943c4debd381bbb9234f7854b55d64f05472f8de5f7933bece0084bad92ef700d87b902670d5794fcec697135b6d5c22604e6a8e687b

    Download Submit