Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

1247265e41...08.exe

windows7-x64

8

1247265e41...08.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    17/09/2023, 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1247265e41cf51dbfd02be339baab500b502519be7c6a8d86f97576effb24e08.exe

  • Size

    3.7MB

  • MD5

    632a6937a61ac9ff7ccdad754031b095

  • SHA1

    99d5778261af37c49e267e8d31f6038c015c99d9

  • SHA256

    1247265e41cf51dbfd02be339baab500b502519be7c6a8d86f97576effb24e08

  • SHA512

    0a62d4ffb0d307b03354c306a71db3c136cab2feec411425e613b7214cc48a5a281ecf8aa434d99165ca36467f7d6749506a0d6c917c6c46dd3285169bb7808c

  • SSDEEP

    49152:iDCLomiK+15C6mBPtS3FpAB+r5u8QeKxFOJxdb4vZKVx6:cootK+1k6mLYKdzOJDb4v+x

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1247265e41cf51dbfd02be339baab500b502519be7c6a8d86f97576effb24e08.exe
    "C:\Users\Admin\AppData\Local\Temp\1247265e41cf51dbfd02be339baab500b502519be7c6a8d86f97576effb24e08.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab4D68.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    12c4f83e239f84a27a71c8e3e41b0dee

    SHA1

    d75804c6f0a04f7b17442d40e046c9ee0d2759c4

    SHA256

    186d40a679a8eb99216609bfc622bff70d5892bd074ac792c68b51d60f0b1eb7

    SHA512

    f9746d55dea2e117f8b2403b185eeb0e332945677d5d32a98a22ee0ab41c4341abb641e154a0676ff9339833409030f3cb9ee5db81d2ba65801f874ef2f1ef67

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    8328ca23f6e980f08bc223b54cbb83eb

    SHA1

    62f1f71fecbd2c2cb295f16f78eadadd0a0ed850

    SHA256

    cde4ce36ecf942896ac986c27313bddaa94d02b3e7c13f537e74002231936af0

    SHA512

    7b8f3dad063b2490aa4dd349a557375ac26d28536c758cc9e7a55cfa6c0de959e1ff193d100d9f6002245a3b03a29fdabfb753541e784cb345dcddeca3f19b9c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    5c4112c84e2ec7325070717afc46b759

    SHA1

    f492cf1459143f8deb7f27d1b099d27bfdcf6d25

    SHA256

    bbceafb7fad7f38f8493ab3128dda33fb5e0ac98f8447e45360d10562371bc1c

    SHA512

    39e2436c94645feb118ff64f387ea4688e53c131dd4756f2a2dc56954cbe2fe1e64a45fb29ced0b48156b3186439df7784b6eed6fd3b80110883771d4ccba13d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb496F.tmp
    Filesize

    143.8MB

    MD5

    41e85a08b909a7b5bb0fcdbab3fd1048

    SHA1

    1c6f936c04b34b6f93f3361ebdeedaf95faeb77b

    SHA256

    e341180d389549f84087cf50e85ef2fde6b3870fdf4ec56f32639763f642218b

    SHA512

    8f1dee3607facf8b6ccad20c8244f33a619512cb23496ede62b2fe413b9caa630db484fb9fbae44aad726f9cc4a66d01f6d4426822453e66e79709e1a257ec5d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb496F.tmp
    Filesize

    143.8MB

    MD5

    41e85a08b909a7b5bb0fcdbab3fd1048

    SHA1

    1c6f936c04b34b6f93f3361ebdeedaf95faeb77b

    SHA256

    e341180d389549f84087cf50e85ef2fde6b3870fdf4ec56f32639763f642218b

    SHA512

    8f1dee3607facf8b6ccad20c8244f33a619512cb23496ede62b2fe413b9caa630db484fb9fbae44aad726f9cc4a66d01f6d4426822453e66e79709e1a257ec5d

    Download Submit