Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

9fbf3dbe73...4e.exe

windows7-x64

8

9fbf3dbe73...4e.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2023, 15:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9fbf3dbe733e0a4b882508a6ef31bb787ccb958fd7243efc91cb7c32fc83a54e.exe

  • Size

    4.1MB

  • MD5

    a89ea2908c2be0709d6e224a2d4fc3ec

  • SHA1

    fcce3b6d2636d7065f71999075887f737787a057

  • SHA256

    9fbf3dbe733e0a4b882508a6ef31bb787ccb958fd7243efc91cb7c32fc83a54e

  • SHA512

    e6406bd1b478beff2c9167244f05a0d4aa7ca50a8c2d90c95eb306b961070371dda8f462b64ee749e9db69cb05c6e1dd35987eecd9aca007386036c166e00156

  • SSDEEP

    49152:TmTMlGjQOsSzd3R8bj1LOht24RV5Y+r5u8QeKxFOJxdb4vZKVT:6TKOZx36bjNOhnKdzOJDb4v+T

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9fbf3dbe733e0a4b882508a6ef31bb787ccb958fd7243efc91cb7c32fc83a54e.exe
    "C:\Users\Admin\AppData\Local\Temp\9fbf3dbe733e0a4b882508a6ef31bb787ccb958fd7243efc91cb7c32fc83a54e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    6016001dc187b342a7e62f653adce4b9

    SHA1

    69f99589d71f089c560f24b97b0940205c42a745

    SHA256

    a4040cb8ce6b4cf2b96698e6b95d34fbfaccfacd6c528f134721f9d0dc6aaa1f

    SHA512

    99e62ca7f5fcfc8c1db50ffa14103888d3cda2e3fc7687249d5e6a66d56d552f526ebe6b1fd3003fbfca6be2d0f0c3abc16322e7530e704f77918bbe18e3a8fb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    8565d44912367916f2de003b5929adcc

    SHA1

    7f9ec5098cb4d4da9a5566bed6e001cc255de8fc

    SHA256

    a59365a79601a1a6f9c485c0f83ce817fadc3d310fc3ffd65b915533aa07ac37

    SHA512

    65c7c20ef7f57f9ee22a008b535b90cda091e189fc3ce0765a58f78922b204063c3a730a0dd686cb21f102a7d852c9b70a097b0f789a619b3b1d3e082be6eafb

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    ae0654e57d7450999da87763df90b1e6

    SHA1

    148c24dee6975621d7a7ff83233356ec428fc049

    SHA256

    6d4def5554a508f0f3fbbd5d73fed6054220814bc37b54c1189f5d8c5511f33f

    SHA512

    f57ae9d3be98f41ea250411c3753ed18818d35b53ea7833d72a2c6d688929085f96d9e11193dd2191d56ba68449b7ec8fefda48a5243f9c8b1074c5a7afa1c44

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3B3C.tmp
    Filesize

    143.3MB

    MD5

    4d774fdc773c577517eb9c82ee0e824e

    SHA1

    d69787bfa964fb095b45eb090be7a0d1cb103a39

    SHA256

    1cf5a864c92b951981333bb67c0fdb200690baabfefd10579b0da3a0a60a7571

    SHA512

    78d3be8b0499e610b056f1f3ca6853aada622426781239a1a47a348cb26a3f895ba75e986378d1f795cf2083247570e374fcd36bd2a5f9a220866b51e81afee6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3B3C.tmp
    Filesize

    143.3MB

    MD5

    4d774fdc773c577517eb9c82ee0e824e

    SHA1

    d69787bfa964fb095b45eb090be7a0d1cb103a39

    SHA256

    1cf5a864c92b951981333bb67c0fdb200690baabfefd10579b0da3a0a60a7571

    SHA512

    78d3be8b0499e610b056f1f3ca6853aada622426781239a1a47a348cb26a3f895ba75e986378d1f795cf2083247570e374fcd36bd2a5f9a220866b51e81afee6

    Download Submit