Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

5b5624fa29...6a.exe

windows7-x64

8

5b5624fa29...6a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04/09/2023, 13:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b5624fa293b3ee37fbeb6a2a57e81e188da93be6ab0011f3d5c8e73db955b6a.exe

  • Size

    3.7MB

  • MD5

    31147a33b9fb50a227aac83ab48be48f

  • SHA1

    0398c2a046c1aafc56748b33e088b09b1420f704

  • SHA256

    5b5624fa293b3ee37fbeb6a2a57e81e188da93be6ab0011f3d5c8e73db955b6a

  • SHA512

    2ade4b479a56da306f9d4c85cb6ddf426b24bed3c55e6611abbe453b8a95279848ee93835c82be51e3b22830aa87f5a33c14c21ce868d95568e70e34561c20e1

  • SSDEEP

    49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b5624fa293b3ee37fbeb6a2a57e81e188da93be6ab0011f3d5c8e73db955b6a.exe
    "C:\Users\Admin\AppData\Local\Temp\5b5624fa293b3ee37fbeb6a2a57e81e188da93be6ab0011f3d5c8e73db955b6a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    74040d2880489b2d2a8bc96b875a8823

    SHA1

    7d5b4bc50f324d3fd8daa85a78e298fc0ecebef9

    SHA256

    ea18f1819616dafb2088e7d226909f0d76df13596719e96531267366d1310c28

    SHA512

    8417656de1834eb264eb568c5537ccbd643e9a9e36c8504ceb0e910c25b52be1af8427fc655a91f1aaa292f183881f74ad848711766f6a6c45f14301926edac0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    ecf4f3f7a03000d170de96423d117f6a

    SHA1

    6cb7103adfa08c6000f72b4ab56cda142c49470f

    SHA256

    8477ec49393a40b8f34eee2c8542befea447c96d4be2a6cd7df71906f77a6ba7

    SHA512

    80460a37b2003bad3b3ca94c1c05b530b34097511aa10d7228260f58a483d523501e73a7958ee1d4207e509991a93e94558861fab019efc9a6a4debf45acc688

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    ce384737488f89a6004fb3cd27c7ab33

    SHA1

    ba397e61873b97d581c10049420e3d4519209334

    SHA256

    4b253bb6a561d1be77654f42d0c4265b5b6fc57c40d230011de802043d2cf55b

    SHA512

    335705b5fef3924c482862ec356658cb7dccc7c693e834d85fc25cd2acd1894c6d71cbdcfd6f11befb257cc7b1eb2a2af40d867a64c0072c169132b56f21584c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5C14.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5C14.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit