Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

23e9d92db4...62.exe

windows7-x64

8

23e9d92db4...62.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07/10/2023, 00:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23e9d92db46c5aaceb0ed33c56c942e456cf0157df11c5b45124b1c4c6850562.exe

  • Size

    4.1MB

  • MD5

    a224fa977ad9fc5272e43b677f9c6aaa

  • SHA1

    8608722ce52dc9befbd4e71d9c558ba32c6d338d

  • SHA256

    23e9d92db46c5aaceb0ed33c56c942e456cf0157df11c5b45124b1c4c6850562

  • SHA512

    7f743f235e6cb8dcec634264f3160cd4fd7b307f7c359c3fc08fff4829ffde157eb436157fbf2e42b206a511e264c9db1a3acfa619f7fdaaccc2ed1f23d0a24e

  • SSDEEP

    49152:uJG1P05g+Wzi3n0txevRVyY+r5u8QeKxFOJxdb4vZKV:2G1c5g+Wm3n0tfKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23e9d92db46c5aaceb0ed33c56c942e456cf0157df11c5b45124b1c4c6850562.exe
    "C:\Users\Admin\AppData\Local\Temp\23e9d92db46c5aaceb0ed33c56c942e456cf0157df11c5b45124b1c4c6850562.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab4000.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    34d7de72391b1a1a2ec8b845ce51b691

    SHA1

    f459ca1ec79703eff5abff51f236d9262ccacc27

    SHA256

    e667b473c4c88f96e8006f82b6e0562de79781b6ce1e46d36c697b8346462067

    SHA512

    5ed29de88176c84b088a7ffa3b1cd46ff8075c11e3faec7201fed645186d469a0ef42580ea642e78ce58f428c05e3fc7fc9106bc4d9c3211fc074e1f4ccfba6c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    8KB

    MD5

    35155ca152b6904bcd998541a4c9896e

    SHA1

    d2f0b4e488173c8250af73e41e68ca768587c6bb

    SHA256

    e37be33532ac7af375bf0f5e125218f10c8cfa330e7eb1a433ae4c9534a9c5cc

    SHA512

    ea72a03289ac2d61fa259edb38c8a61d020e629249f3d3b8bbd9cac53c95124a4d7987c52da8b1181faefba7fe093193b8fcd40700e878b2f8ba8542327f6413

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    5c4dced2432942d818de2995f0727a71

    SHA1

    465125ff97411916fe140455f79830258dfe9e88

    SHA256

    1eacdfe0a1058614fb8b4cb023b4d766202993adab56b0eb7c78605164242793

    SHA512

    f24ed996c64ef57d7735d2aa94afb99ba4fa03e2ecf793e60cdfb73650adcbd095d9a931f3803db50a96ea9d7f7d55426ec9f33a7fb719ec79e9e817783f68bc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb389D.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb389D.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit