Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

32ea3deced...21.exe

windows7-x64

8

32ea3deced...21.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30/09/2023, 17:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    32ea3deced51d1df219dc94de597d828ad0b0bf64b2b2cab96fb9e0cc04ebc21.exe

  • Size

    4.9MB

  • MD5

    a07711a17babae974e5a445093192239

  • SHA1

    252489e3a9bd1f38dfca9f805e6b6ea8230073ef

  • SHA256

    32ea3deced51d1df219dc94de597d828ad0b0bf64b2b2cab96fb9e0cc04ebc21

  • SHA512

    8691edda87ce597eb71bdbf3053abc158016958261ab5c837c1dc6c0fd0e7b93a6fd16b7bad2778c70c2dac7e6580f70bc1a392f41c769f7175f08a6fc22a114

  • SSDEEP

    98304:nwdXBZ2/5fbjORDgt/loIKKdzOJDb4v+rh:GkPtaIJwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\32ea3deced51d1df219dc94de597d828ad0b0bf64b2b2cab96fb9e0cc04ebc21.exe
    "C:\Users\Admin\AppData\Local\Temp\32ea3deced51d1df219dc94de597d828ad0b0bf64b2b2cab96fb9e0cc04ebc21.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    8KB

    MD5

    39ac16c71c19fce10da8807e0d4c797b

    SHA1

    6cf20340a5a758316bc4e0cff8ef04ba12cdf9e3

    SHA256

    81b329b624348f0c401329f3fb86ee91c8a9a119ca9afd388d38b013e10b7ccc

    SHA512

    96c11feff7e873eef6e46cc8eaa62e397146e3dcae62f4fc9f2a2c9ccfdde8f5880f816c819563aa89223a694b849607fb916949f7c6d2a97d54c8c7644ba832

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    66367a2bb7d9aebe09535052864940a3

    SHA1

    f4beb1e7e776c362096259e26656f6151611112d

    SHA256

    197af9ef0a4d31b8c950518a6816c69820cbdbe35e2091f451bb517b0461c1ba

    SHA512

    93ae7ed52abd7d53476413f873a8f0b3a212559eb4ac7ec27f0a2f5cd61ce940dbc3e682c1619e6bc38c0ce85458ea71db8f88243afc8893fa0c3949f7ad4041

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3ADE.tmp
    Filesize

    135.0MB

    MD5

    91d01c95177580fbca03bc0ac47b892b

    SHA1

    15c4743cce8c2129be2ffed1cfa54e574e130480

    SHA256

    4171029a1d31f531d9197dfefe4bdcea8773d6d6f553be6c44e6158d56546ccb

    SHA512

    51ef49b8c76e0483a4349afea25396c7ae4c61ab2be356036e6252a96bbb9dfeaa931c23203a629ca1e0fc9a93645e6316d1c5f5be632b5e13c46c8c2ecb3303

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3ADE.tmp
    Filesize

    135.0MB

    MD5

    91d01c95177580fbca03bc0ac47b892b

    SHA1

    15c4743cce8c2129be2ffed1cfa54e574e130480

    SHA256

    4171029a1d31f531d9197dfefe4bdcea8773d6d6f553be6c44e6158d56546ccb

    SHA512

    51ef49b8c76e0483a4349afea25396c7ae4c61ab2be356036e6252a96bbb9dfeaa931c23203a629ca1e0fc9a93645e6316d1c5f5be632b5e13c46c8c2ecb3303

    Download Submit