Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

64a3f9d3a8...e3.exe

windows7-x64

8

64a3f9d3a8...e3.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30/09/2023, 11:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    64a3f9d3a8dc4262828e0509fdcffb57da0bb5db75dfdb06f084a297eda335e3.exe

  • Size

    4.9MB

  • MD5

    5c1da64e8db2b6ff3a6560a783cd73e9

  • SHA1

    308512788926c18a05e490b3eaf10426af759eed

  • SHA256

    64a3f9d3a8dc4262828e0509fdcffb57da0bb5db75dfdb06f084a297eda335e3

  • SHA512

    853b4e45f74bd82b580c97fb3de38ae4693bceaa9bfc1e3f25a921db4737e379c4de33ba8046d35343bc31103390db5b19c12df71260705e837dd885daade559

  • SSDEEP

    98304:nwdXBZ2/5fbjORDgt/loIKKdzOJDb4v+rh:GkPtaIJwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\64a3f9d3a8dc4262828e0509fdcffb57da0bb5db75dfdb06f084a297eda335e3.exe
    "C:\Users\Admin\AppData\Local\Temp\64a3f9d3a8dc4262828e0509fdcffb57da0bb5db75dfdb06f084a297eda335e3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    bebcbdd46496bc8085750ac74be22f1f

    SHA1

    5be3fcb83135fb7c5f0d2dfef4ce28d37ca313e4

    SHA256

    efa07a07660a04a47a613521fa7bfc63beec990eaee014ce592bdf6df912ae06

    SHA512

    b1e8ea050739383f97625005fb9ce9c2ea3256c683b65cf79a79707e6154b7eaaa1a1c72b8d78fed0d35f1fc0f4ad416a775cfe466de1a568b4b24ee912f6573

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d33a327ea60a7b16ac8e9d78966b1c0a

    SHA1

    26f328594a3c04bab1dd4671e6ed40b5e587e574

    SHA256

    2a2be7a4c5d80d8377601a24d63ba01c68ae2509ed79bad82dafa6e1942d9d70

    SHA512

    8e84ffe7ffaeeb15e2e3aca4026b318fea6d789da4691583c4318a9f27e94705922440e65f2be9a6d648ee378a24abef80c8ca07a5069a6101cd97860468fcc5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9C9D.tmp
    Filesize

    135.0MB

    MD5

    91d01c95177580fbca03bc0ac47b892b

    SHA1

    15c4743cce8c2129be2ffed1cfa54e574e130480

    SHA256

    4171029a1d31f531d9197dfefe4bdcea8773d6d6f553be6c44e6158d56546ccb

    SHA512

    51ef49b8c76e0483a4349afea25396c7ae4c61ab2be356036e6252a96bbb9dfeaa931c23203a629ca1e0fc9a93645e6316d1c5f5be632b5e13c46c8c2ecb3303

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9C9D.tmp
    Filesize

    135.0MB

    MD5

    91d01c95177580fbca03bc0ac47b892b

    SHA1

    15c4743cce8c2129be2ffed1cfa54e574e130480

    SHA256

    4171029a1d31f531d9197dfefe4bdcea8773d6d6f553be6c44e6158d56546ccb

    SHA512

    51ef49b8c76e0483a4349afea25396c7ae4c61ab2be356036e6252a96bbb9dfeaa931c23203a629ca1e0fc9a93645e6316d1c5f5be632b5e13c46c8c2ecb3303

    Download Submit