Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

c95cb92bbd...30.exe

windows7-x64

8

c95cb92bbd...30.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2023, 12:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c95cb92bbd39890c5de119d9b9b1db6b2ecc6e608109035c11fd6e99934f8430.exe

  • Size

    2.3MB

  • MD5

    b0e206cb537523fb2c40d2d1417bdd29

  • SHA1

    26876a7dc5b85b8a14af19c0a1ac0408d8e70cb1

  • SHA256

    c95cb92bbd39890c5de119d9b9b1db6b2ecc6e608109035c11fd6e99934f8430

  • SHA512

    11203eb3bbd811c1b01ca1ec862668284fc8064eccbdd876e7f2576e82ff5b262992b664c3dc0d8c259d6ed43cd708a80110d43bd4086dcbacbe45a8df124ae8

  • SSDEEP

    49152:cxefzHKtM0LBvIYkoECOd7a8Fd++r5u8QeI:yeKtnLBvILDCOJdpKL

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c95cb92bbd39890c5de119d9b9b1db6b2ecc6e608109035c11fd6e99934f8430.exe
    "C:\Users\Admin\AppData\Local\Temp\c95cb92bbd39890c5de119d9b9b1db6b2ecc6e608109035c11fd6e99934f8430.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab3AC0.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    dbb338940f66f623b43f3f3a5ab8e01e

    SHA1

    05d66e61239db0ee26f7689f4473885576046072

    SHA256

    b9ad23fcbd9e0915fea7b7dafeeca71c21c7e9e841a7cccaa755e51d09708d3b

    SHA512

    0f83dff17a68ab0d0161dab64073f2eab7d0e239e3fba463f7d97c5f1db7d33fb0f4991fc3e4f850f34aabf9005e7c15c03d2f8c3951a8960e3b829137219d6d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    b00f981241bbdc3986233f284adfd9c0

    SHA1

    3b94e986a53e55a6f296e4241fd3709124f64e38

    SHA256

    79d6958d0c902d0a590b7140d616a3bc9169bab23b2e17a467a3fca06737cb7b

    SHA512

    c41150bd0207ecde0d8a7b7d24112510f329c070ee0fb327ee99ec1c63a08c0f78bd22176e34b45837dc17346af8291eedfead9e3ff8ff06105693c9fd910f0d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3717.tmp
    Filesize

    142.5MB

    MD5

    50fefa934345fba59b2ca7abdcd47235

    SHA1

    f9936b24cf9675eacc0346654544ab719c0062d9

    SHA256

    1d4a3cbff6cd7ad2176ae77b1a621cae3f7eba525f869a3b932932e9c390a961

    SHA512

    0361747f5918131d761b382d7332caeef95e9e9fb9a7c4bc515c3607b6926b7e41fc0fd8cb8bc00c3dd7597f4e8d226685ac53b8641a65ab27417e04bb2d488d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3717.tmp
    Filesize

    142.5MB

    MD5

    50fefa934345fba59b2ca7abdcd47235

    SHA1

    f9936b24cf9675eacc0346654544ab719c0062d9

    SHA256

    1d4a3cbff6cd7ad2176ae77b1a621cae3f7eba525f869a3b932932e9c390a961

    SHA512

    0361747f5918131d761b382d7332caeef95e9e9fb9a7c4bc515c3607b6926b7e41fc0fd8cb8bc00c3dd7597f4e8d226685ac53b8641a65ab27417e04bb2d488d

    Download Submit