Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

72f9176b49...c1.exe

windows7-x64

8

72f9176b49...c1.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2023, 19:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    72f9176b4970083d8769e2f4c30b87d21c64e1b224553e5f4d0a62cdf7202dc1.exe

  • Size

    4.9MB

  • MD5

    7a67a4c76a9a18314d63d256aa6894dc

  • SHA1

    1da948b85b5b36e1d01863824e8998941d105d5b

  • SHA256

    72f9176b4970083d8769e2f4c30b87d21c64e1b224553e5f4d0a62cdf7202dc1

  • SHA512

    48fc0f76ac4c7db46a7edfc3acb294719b49d2242cb5ff130d28b8201d58a102c49a98b996d1d26c893e2972f495cd494908e5455b8829cdb25d360341b7fe3a

  • SSDEEP

    98304:nwdXBZ2/5fbjORDgt/loIKKdzOJDb4v+rh:GkPtaIJwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\72f9176b4970083d8769e2f4c30b87d21c64e1b224553e5f4d0a62cdf7202dc1.exe
    "C:\Users\Admin\AppData\Local\Temp\72f9176b4970083d8769e2f4c30b87d21c64e1b224553e5f4d0a62cdf7202dc1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    d06007ef49748a76f54a50a071f3f3cd

    SHA1

    ed89666c7ec2272c787d0e4d1e26c3fedc15d5f2

    SHA256

    11aed9382e8e814355bd17692fe158b2ec606158fac85f5e046febada216e6a8

    SHA512

    a62844193c2e89257068f1a5dbc6adf97dab368de60b1eb3127ed94c40f38c6910ce00ec120361e6c769a735e86b89b383e84ea5706c871fcc337a3ed94a878a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    2fcca9056c1ba48ca3f17158b49112fa

    SHA1

    d38b4a2b697596527c70f985cd4e4eefeeb23e43

    SHA256

    670c0a2476e0321d16530e196bde63c042037db69c2173194978ff232b2dd00e

    SHA512

    46be617d58d5572ee8f41e9b32fb9423512d5f52eaaf5bf07622aa4ae063e405612df574a068fd69dfb27f65389000a82b4a4933725d2f5ebeb96096473457a7

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    0d618e38406b495965a791e29406fc23

    SHA1

    4263aedf966539739954590491a921f8507582e8

    SHA256

    ae406572a2fdd09287022699d8383478ed8fdfff186106402b629569be9a7676

    SHA512

    43584b502ee44f22afa0ee7243e01ac98454300308e10e19194fcc47ed90ddace24ab8bcdfd12f14537c777ac32ea73ff5cab7f7cc8fc955c98120ce0415c3d3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb696D.tmp
    Filesize

    135.0MB

    MD5

    91d01c95177580fbca03bc0ac47b892b

    SHA1

    15c4743cce8c2129be2ffed1cfa54e574e130480

    SHA256

    4171029a1d31f531d9197dfefe4bdcea8773d6d6f553be6c44e6158d56546ccb

    SHA512

    51ef49b8c76e0483a4349afea25396c7ae4c61ab2be356036e6252a96bbb9dfeaa931c23203a629ca1e0fc9a93645e6316d1c5f5be632b5e13c46c8c2ecb3303

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb696D.tmp
    Filesize

    135.0MB

    MD5

    91d01c95177580fbca03bc0ac47b892b

    SHA1

    15c4743cce8c2129be2ffed1cfa54e574e130480

    SHA256

    4171029a1d31f531d9197dfefe4bdcea8773d6d6f553be6c44e6158d56546ccb

    SHA512

    51ef49b8c76e0483a4349afea25396c7ae4c61ab2be356036e6252a96bbb9dfeaa931c23203a629ca1e0fc9a93645e6316d1c5f5be632b5e13c46c8c2ecb3303

    Download Submit