Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

82e87b1763...26.exe

windows7-x64

8

82e87b1763...26.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2023, 20:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    82e87b1763cb6ca9d424d490ff203864c086d1e3ac107a836cd2894167c80026.exe

  • Size

    4.9MB

  • MD5

    87a5a74da37b2ef8b506dcf3e59ada8f

  • SHA1

    ca92a898de33745e899e655912e5bceb57ab3dbd

  • SHA256

    82e87b1763cb6ca9d424d490ff203864c086d1e3ac107a836cd2894167c80026

  • SHA512

    a81247d72cf08ebb188f789ed9d9c9a6cf123fee0472f436c83b2c415597c54f7ee507d6d2f15f1f94e4735e7e462a5cc395bce6ad66cb36c26c45936d20d332

  • SSDEEP

    98304:tTP0EZ36bjYOrtYtsRXIov2vRKdzOJDb4v+a:10EEYtaE8wN0v+a

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\82e87b1763cb6ca9d424d490ff203864c086d1e3ac107a836cd2894167c80026.exe
    "C:\Users\Admin\AppData\Local\Temp\82e87b1763cb6ca9d424d490ff203864c086d1e3ac107a836cd2894167c80026.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    dd4ccc2468ae56308197be545ffd772c

    SHA1

    81272a2ad11ce4bc2a9ccdf204ba73f566eced26

    SHA256

    eb2a5264764983bb8d978c6ca54fcbe3c9b8cbac79feaee00baca3cc6d2ff38e

    SHA512

    e080755e0ab84561cd9e229b2e04873da03a0a9538651933cfa94b7e9caf677b7d6a5726c2f36285aea44d37eb984d4c56ed8d044663a956a2eb15bb24949b02

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    6b675b2663b92d6fab552c5102a07fe5

    SHA1

    cf2cb70b04f7ee8cd4afeb895ba76bd7f78a2356

    SHA256

    57e2764cd79fb51f2bbef44be9a7606c88ad5248e595f97d2f61a75b3284f584

    SHA512

    2b9cbdba7f2ca51c55ab5125a42da4735ff6eefb0c7374a2084ef5cd523cec8c6eb6e872d6a406b2329f420560c62e1e6740f2257b6d0ff0758905d4371c690c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    b9532cadd3b383472b806b21542536ca

    SHA1

    df4abfd825cf77ba79d404043a656fc65289ba26

    SHA256

    bad6e9fbc5d1c0f8f4ba28a08c187065182fef56bbd14a92ed711ca1e3f9e7c1

    SHA512

    161fa37c7e2bb77b51c3c5ab498939e38e72212b10112cb14e6ed909c8310c0a82452e3488c0190f9c4f968b89bb38b1d3c00ec2659111cfaec47440a65e4a62

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A71.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A71.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit