Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

3ae5bb1df3...3a.exe

windows7-x64

8

3ae5bb1df3...3a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/10/2023, 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a.exe

  • Size

    4.1MB

  • MD5

    e5218706e50ffc69ec9d3ca8bd98330f

  • SHA1

    fcd023f3b9d0dc99e6a89028d138bf67ed7b9a32

  • SHA256

    3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a

  • SHA512

    87e4a1afe5c4ceaa139898998b6cec402111dc4e2ba29d42f64e000417646c54bc910dee8a1211a6fc772d6c29cd84bab970c1aa5cefd5a09f0a40586ea27516

  • SSDEEP

    49152:XDnaVVMzMvkMUzM3n5xlekY+r5u8QeKxFOJxdb4vZKV:DaVizMvkMUg3n5xRKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a.exe
    "C:\Users\Admin\AppData\Local\Temp\3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    98cc769904778c2335a0dc858a453661

    SHA1

    9fe3e42bd393eb910e39d0bafb825fcc120cf214

    SHA256

    5a376bf09791b39c4a862bcfa2babc3e6a03a36184cc00bcece6f573564f732d

    SHA512

    75782e69f3b60bd90e33e14eb5f31533dfc04da7e4c915696d73260d05f7d05ddd07e44830f8d8a4bb24d2ad5f659745dd000181c90357f0ad88d1c323ede888

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    a11426c3fdc4054db5e241f32e067787

    SHA1

    85a0e59b96c9193e5eca0e6ca9b109b94f620058

    SHA256

    f392d10e6ef9498986e89dcbedbc683caadb34015f0021f19fea067e73699cc8

    SHA512

    48d61e68dee716bd71275f636e1a3c118fa2f5c4a5283a0d8982429aac6f020aec40fe93cf4acbbed7984c2a5f80a091829a7da2b74b3ab2f5dbfac4b48a5a5b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    50baa77aa86a8da6f70016d3fe98b20b

    SHA1

    e0b63043230f915b3b23272e0e8c26d0064ad582

    SHA256

    5b56b9a72873cbb038b70b00675d4e2725de4a7cf8842af7bf9f387bf8449e5c

    SHA512

    b1447bf624f30fec55840be3d0a4f7c1aad8697efd4621cf561130b7f97a3943f82fd124d82e052379d8a2b9eb33f31b5ab9156838a5650e4cf56563784db0b3

    Download Submit