Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

ccc132e7ba...e9.exe

windows7-x64

8

ccc132e7ba...e9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2023, 17:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ccc132e7ba2814b15014c92b771219ba2310aeb141c0b29bed115f3423803ae9.exe

  • Size

    3.7MB

  • MD5

    688b619aac203bb145188c421011bad5

  • SHA1

    d38d639c4c11b1963c06acb81281c1651691c3a0

  • SHA256

    ccc132e7ba2814b15014c92b771219ba2310aeb141c0b29bed115f3423803ae9

  • SHA512

    102496323e3760886052e3f9f27c35d2c65d7b2930a1cc684311261100c309c29a9a268bd49fc81f9e289aa7c60a697550ae0598b3c55f47f057de5b248cf753

  • SSDEEP

    49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ccc132e7ba2814b15014c92b771219ba2310aeb141c0b29bed115f3423803ae9.exe
    "C:\Users\Admin\AppData\Local\Temp\ccc132e7ba2814b15014c92b771219ba2310aeb141c0b29bed115f3423803ae9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    8dc8f075ff691dd2dab29446e97ccc14

    SHA1

    fca3415b7c4ca2c91d1e805422af91f37eb3866e

    SHA256

    eee2d7b043066a147e31e921c1be650a86079440f5e4b314a82c9fd6442352e8

    SHA512

    0e0db0bf1f288a88bad5877cdeeb173503efe2596dfd8a4edae9f7e7c5ca532bc1077f3bba74a94fe2a51d07dd666cdfaf7c9fdf8c501852351f63fb20e2f6c8

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d3c4b60beda1daaadea67cae18ac223a

    SHA1

    5b8b016fbc2251696696596c5247c54f922a1023

    SHA256

    7b97ef09f5dc0cf5ca37863c86666c66601eba4ce0779d580c0c3d56635b7d53

    SHA512

    e3bad418b2858d27ad5d98474bb8e50f63ee5251029c12d77ecda1d3678c42e299c5b28978d4fdb36affb7c9a866bb44bb8be8d6f9773c676a352680882c4ee2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb51E7.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb51E7.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit