Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

f32be7280d...f9.exe

windows7-x64

8

f32be7280d...f9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2023, 05:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f32be7280d49f2c195e5c21c47bc2e58f7ce2124e758f9c15646b3cce09e4ef9.exe

  • Size

    4.0MB

  • MD5

    c95ef09b8c394712d0717d9f22c5f02b

  • SHA1

    983b2d29a43bedcd6d647bed273d40fd20057f7f

  • SHA256

    f32be7280d49f2c195e5c21c47bc2e58f7ce2124e758f9c15646b3cce09e4ef9

  • SHA512

    28f70ee5b3d9ed394efa04f75362f5551940ea6a78ea6d5343892929007290008c35831312645f07f79ccb4a1216bcd5746409777107915c92975c05c75d2761

  • SSDEEP

    49152:40N3IpkodZfdlTXKnB3nZdXarY+r5u8QeKxFOJxdb4vZKV:Z3IfZfdJXKB3nZd+KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f32be7280d49f2c195e5c21c47bc2e58f7ce2124e758f9c15646b3cce09e4ef9.exe
    "C:\Users\Admin\AppData\Local\Temp\f32be7280d49f2c195e5c21c47bc2e58f7ce2124e758f9c15646b3cce09e4ef9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab96A6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    3e119be08a026f576aa0aceb9e41fa92

    SHA1

    2ea553389d7abb0b798b365319387ea16ecba8dc

    SHA256

    b0d362db3264b42f8113cc5c264d07b2e1ab98bb7e6f87325d8a1924ed862687

    SHA512

    11338a761f03a67f8c0db91d145937398f7f31891fb9d1df11af635a88172cf34336c6192f5a6cb4465da08edc69a61cd7024de7650db74866d8b2cd852d24db

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    2e10019d8a7279031994f72e8b430ea7

    SHA1

    d067478562fcb67531b10a3c3347afa9632a3558

    SHA256

    e1534443da9a9cafed6a32c86e2f5f24e9d595c16a32b8e0edacac5ec85312bc

    SHA512

    5707a4e5476c7874a63dd27015359b80f2140bf61463b20fe59cc8644ebb265adbd7be8fb643ea0346615fa970b3700aa894f71bd6e8cb97f9602f099b455a7d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb84AA.tmp
    Filesize

    144.7MB

    MD5

    332409d5436a6ae6463ff9a0b2580993

    SHA1

    71a219b692d905f5993e9a5a9b1e7d12656f4c9e

    SHA256

    def9df6478ffbafc318f98c0b4b9a49dcb900a250cf0fcd0bee91a9ac6050628

    SHA512

    06a7c353a2c17ee93208372ad03ab37a2eb492b8dfc0331a04390238e7f89650817b3ab186fd2fe49b3ff601e3a18828e2b1e3c1f6315aa82d9726f5fee90430

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb84AA.tmp
    Filesize

    144.7MB

    MD5

    332409d5436a6ae6463ff9a0b2580993

    SHA1

    71a219b692d905f5993e9a5a9b1e7d12656f4c9e

    SHA256

    def9df6478ffbafc318f98c0b4b9a49dcb900a250cf0fcd0bee91a9ac6050628

    SHA512

    06a7c353a2c17ee93208372ad03ab37a2eb492b8dfc0331a04390238e7f89650817b3ab186fd2fe49b3ff601e3a18828e2b1e3c1f6315aa82d9726f5fee90430

    Download Submit