Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

ecc13de4b7...a3.exe

windows7-x64

8

ecc13de4b7...a3.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30/09/2023, 16:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ecc13de4b71cdbd46996ccef8d4762c226d3999842a5e31161d170ee23a6b1a3.exe

  • Size

    4.6MB

  • MD5

    49100ba246a8942a40e92184ae68b328

  • SHA1

    a6f766b1b59ff5acaaa72ee6a73720727c8f1602

  • SHA256

    ecc13de4b71cdbd46996ccef8d4762c226d3999842a5e31161d170ee23a6b1a3

  • SHA512

    d8884f6789160d1bddd9a40fd549ddd86f5f7718f0845fbb42364cd01f4e67438c45a65d6c8dacf91e5d225a6755c6427f5ad293a00005381d438d524c6d5d49

  • SSDEEP

    98304:IG1c5g+Wm3n0tzGoFrnoNspKdzOJDb4v+:UgjGoFrn4wN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ecc13de4b71cdbd46996ccef8d4762c226d3999842a5e31161d170ee23a6b1a3.exe
    "C:\Users\Admin\AppData\Local\Temp\ecc13de4b71cdbd46996ccef8d4762c226d3999842a5e31161d170ee23a6b1a3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    c0afe0bb004851c97123a920da20647c

    SHA1

    fc78855573fb78c26dae8facaa8b70042fa52120

    SHA256

    4f20e839e8d7a657320fcda8819adcde98f83da7319210976d141c71971cb7ed

    SHA512

    dd5ae83ea19dc74404d92cbf3912ce6ad01e7f68d113336a56f4eb8d1bd2fc4840d796e1c04cf88356e790f759dc00afc68d6c623f8258d97df399ffea07ad14

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    faa9bc853ea3a04164b67cae3ce7760a

    SHA1

    eff0cd899814912ab05eeb77e2327d1f0c6a3602

    SHA256

    cc3f75963951288960d69bdb2c23b9987724cf0162b339c90dc72fa53d322696

    SHA512

    9843e9f5ceaf658c404fab0e2a7ec3de64452dd5bd242486e6543358603dd507470283173806c804fd387bfc9c17b473e664c1326ef742ad4886a6bfd1a84289

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    1dbc811cf27adc3fef13a082fdc3e00f

    SHA1

    7487910580fac8b23ca2c35fa549f44edb186614

    SHA256

    bb058d9f413d71196c0fb0017e91e512f29fbac7b3684e77273a367b0173f9e3

    SHA512

    25516c309169545eff2c920d6be67bd96fcfa723ff98665e6a3926dbd7981c0918ee27f44d609d44ce6617035fd49b858c6e5e20534b271254b48f4f4ef1fcca

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb361E.tmp
    Filesize

    153.7MB

    MD5

    1dd33122a828803ea9d060045a3435e3

    SHA1

    b57436341452a60d4df59c070fd9e14d88a7cd9f

    SHA256

    c19338e7062089af74835421b2f74f3eab5ddee46fc3bc84d03e3ae5d37a525c

    SHA512

    fd371d1b8adce266913af63826031cfcacc26e9f7f159c3fa4d7554e3bf3888821c4a0a0b4c9dadd15f2350f34b6baa72c2f3dc990a32329bed16e62601fb904

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb361E.tmp
    Filesize

    153.7MB

    MD5

    1dd33122a828803ea9d060045a3435e3

    SHA1

    b57436341452a60d4df59c070fd9e14d88a7cd9f

    SHA256

    c19338e7062089af74835421b2f74f3eab5ddee46fc3bc84d03e3ae5d37a525c

    SHA512

    fd371d1b8adce266913af63826031cfcacc26e9f7f159c3fa4d7554e3bf3888821c4a0a0b4c9dadd15f2350f34b6baa72c2f3dc990a32329bed16e62601fb904

    Download Submit