Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

90248c221d...b8.exe

windows7-x64

8

90248c221d...b8.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    06/10/2023, 22:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    90248c221d60146a78d753ea9265e766c8f6a7a491b34e3f81a486c81f86a5b8.exe

  • Size

    4.6MB

  • MD5

    53fee56097a94af10246c1dad2f49fc7

  • SHA1

    bd953b08c411c7d96f12d5b7e76f3bd17f4e9923

  • SHA256

    90248c221d60146a78d753ea9265e766c8f6a7a491b34e3f81a486c81f86a5b8

  • SHA512

    97d78da5551193172ee9128feef74cb35f315cc73ab3875b6aded4d3bfe4eed65e1a039fec295f7877b90cb034638a8b8a5525f1b2667c8fb151a3402e8f76c0

  • SSDEEP

    98304:IG1c5g+Wm3n0tzGoFrnoNspKdzOJDb4v+:UgjGoFrn4wN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\90248c221d60146a78d753ea9265e766c8f6a7a491b34e3f81a486c81f86a5b8.exe
    "C:\Users\Admin\AppData\Local\Temp\90248c221d60146a78d753ea9265e766c8f6a7a491b34e3f81a486c81f86a5b8.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    8KB

    MD5

    5bd3dc5c1b8276eb10b6b3b705caa407

    SHA1

    917dd99b54df141ca35842f54b8939a2c49909ac

    SHA256

    165cb8f1e8661e755a1497ebb1dda1fba8e6060255fe52ee85f46e66d2922b1e

    SHA512

    4d467674bbd633f2c30296fe8aefe856e8cada288a2acc479d120a4e9aa5b18c81bb2df2b1646c8b48306510ef487ba5303b3cbbe70476e3e5b2ed5993a98c1a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    1925eb8d355f96b51d01925b78f35fd1

    SHA1

    594cda7dcbe336973dffa372e74d6c64b3c3e3db

    SHA256

    bdca42e1b33f5a480afb443e3ab964f471c2162176e6c7a0a88d7ed8e34c0afa

    SHA512

    200693734dcc1b6f66feb84fa9d8c131b07acb72ef3289c3baeed3773465a621926c261d4730c661f22fd85d7fa3b0fdd35e3e59bf62dd1bd606d07cb916b9e9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8A84.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8A84.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit