Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

fb26dd689e...77.exe

windows7-x64

8

fb26dd689e...77.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/10/2023, 23:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fb26dd689e3d1135ee0ec75cc269796a99c71535f110ad285fb19c4ed41b5377.exe

  • Size

    4.1MB

  • MD5

    fb758a7a020ed86f366c54ed9ade22d9

  • SHA1

    00de8ea41531acde20b51fbe70e5b061c9784cd8

  • SHA256

    fb26dd689e3d1135ee0ec75cc269796a99c71535f110ad285fb19c4ed41b5377

  • SHA512

    27fd2c6844ee49cf9bfc323606a0a700e0b7f5a23df9242c762c20dcb2af4b9a313b2249b0cd4ccc93c872126b87cc9cc26d87e0e2bf20cb44a785077c7cc5db

  • SSDEEP

    49152:uJG1P05g+Wzi3n0txevRVyY+r5u8QeKxFOJxdb4vZKV:2G1c5g+Wm3n0tfKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fb26dd689e3d1135ee0ec75cc269796a99c71535f110ad285fb19c4ed41b5377.exe
    "C:\Users\Admin\AppData\Local\Temp\fb26dd689e3d1135ee0ec75cc269796a99c71535f110ad285fb19c4ed41b5377.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab6A39.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    6fd3e8f287bca1307920b3e8bb737c97

    SHA1

    f9947634892b82b708a29c04fa82852a6b4a1b79

    SHA256

    7e01e95ba6bd9a5152a9def6da962195754b6edc3aa16d425f12739e3cf44b28

    SHA512

    2494ac7bde6fe129b7975e72ed57eb136956b0d63ff9a4e763096116d5683ea3c8b3a8b04e4e7e614ecb5bcc0e1d2c6f7b64aa3658f60832b8a5b63784d6dfaf

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    da2f476c5d25fe1f2ad5bf6d048ab6f4

    SHA1

    16f602ddff0471c64a32627c0166616d1265c195

    SHA256

    be7500650edf3153fbc0668e32d5bee04dd61bfbb5c401dfd8675175839da732

    SHA512

    1eca60d41d7ed36e49b10a6c4e9ad6ff44a120664b0593fc8a0ae3c56e4513b082f43fb92e5dccedef6bd9ca6a2e3a6cdbf94ee02117b9f4948c2626a5e89f53

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb65D5.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb65D5.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit