Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

79b4b8e637...3c.exe

windows7-x64

8

79b4b8e637...3c.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 09:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    79b4b8e6377543287d5f566fb7ac15b8f1c4da6c6b091e042365f89a28f4ac3c.exe

  • Size

    4.1MB

  • MD5

    553c0557de90f7353772dd76d761fc17

  • SHA1

    62df42d652150407fbb43164993e18c9615cab3f

  • SHA256

    79b4b8e6377543287d5f566fb7ac15b8f1c4da6c6b091e042365f89a28f4ac3c

  • SHA512

    95b050e5a6722a8709b4c2077e988fbbeb74764c641ed7ecbf578d3ecbf86d1b85fe309b9c82793533ce9eec9e9e7fe25f238b86128e211a8912f3f286ee2a11

  • SSDEEP

    49152:EMwdK4BjNb2Btv5FpbjVgRDRh1OY+r5u8QeKxFOJxdb4vZKV0hu:jwdXBZ2/5fbjORDiKdzOJDb4v+0h

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\79b4b8e6377543287d5f566fb7ac15b8f1c4da6c6b091e042365f89a28f4ac3c.exe
    "C:\Users\Admin\AppData\Local\Temp\79b4b8e6377543287d5f566fb7ac15b8f1c4da6c6b091e042365f89a28f4ac3c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab38C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    a01f10116de8b1e1e2dc951fc46aab1b

    SHA1

    3d72d68cbe34254df232ab4770167729f6121ca8

    SHA256

    d7f7775fd33b06cf6eecc5cafe45aa6db41df3c2babd0d778788bfc84f6741b8

    SHA512

    329e22ccd22a8470c90ace16e90455116b9b782a146a1cb0ab2fb6998932bce5e28aab18304855a3b8e32f3aa110fccd6262e8fe082a6621428df0c5db558029

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    21260801763f565c676e13c5cea6138a

    SHA1

    7eea1828505b25d3dfc87f2e9674501997cecfe3

    SHA256

    58a5d4648ae2bdedd3e9fac08082567ff9b80146c086d581e8480e6d6278e722

    SHA512

    eeaca0969880c312eb0b74255e2b6f15ed1c5f117c9ce6f8d1e43fa0425fa1974fd0b814d5ea363d2ee42b5bce4a88f4ed1f5737b3cc9a68132895861765a3ec

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    f995443b6ac9f6851bf6af773dfae76d

    SHA1

    c2757490688bf977a74044923def98abaa30b3fa

    SHA256

    8769d0aa90e1435de3beb35e525dd77addd4f11d83b368a4e0783a5217b3a0e4

    SHA512

    5417071149d6cc7a25916272042c39b2bfcd46f476fad1d56c2c10557c550259e06c199b3ef330380c02db50f5aa35f8526f12bce6b670f42798a0baa48c8449

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybD94F.tmp
    Filesize

    130.6MB

    MD5

    b70459fb23db43385c7cf7073f8129b5

    SHA1

    f5db9921bc8827951622534c837bd7e12db73b57

    SHA256

    5197959e58d92fca68d4d4c93356dc3d0bbc518106008575beac20e58a5794fd

    SHA512

    df43458c4a5536f7f43e6be75c774928473934914a478e1d60d65ecbd3895c5cff42d2bbcbc4f810f9116d529801d11d5b93f23abb5182209f46800c604cee4d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybD94F.tmp
    Filesize

    130.6MB

    MD5

    b70459fb23db43385c7cf7073f8129b5

    SHA1

    f5db9921bc8827951622534c837bd7e12db73b57

    SHA256

    5197959e58d92fca68d4d4c93356dc3d0bbc518106008575beac20e58a5794fd

    SHA512

    df43458c4a5536f7f43e6be75c774928473934914a478e1d60d65ecbd3895c5cff42d2bbcbc4f810f9116d529801d11d5b93f23abb5182209f46800c604cee4d

    Download Submit