Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

09d00cf83f...3b.exe

windows7-x64

8

09d00cf83f...3b.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 14:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    09d00cf83f5d05e0ffa93b6c08425f97f9ebb98bd8bab989bd9af89cec6aa43b.exe

  • Size

    4.6MB

  • MD5

    681cdfb53097be13728e3a902797e94e

  • SHA1

    757960e041da782dbb3e784f150d811e27ed2738

  • SHA256

    09d00cf83f5d05e0ffa93b6c08425f97f9ebb98bd8bab989bd9af89cec6aa43b

  • SHA512

    ef167a3d69b939a4aef57592e21c700ba2ead8ce870dd8106681dd8d808c82827d4b7bc09f70937d8cb67628352ab9e0ef98a6a664b2ca0e9d6a5499547d7e1a

  • SSDEEP

    98304:aootK+1k6mLlAZ5lt/PymzKdzOJDb4v+/:mWIJ/qRwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\09d00cf83f5d05e0ffa93b6c08425f97f9ebb98bd8bab989bd9af89cec6aa43b.exe
    "C:\Users\Admin\AppData\Local\Temp\09d00cf83f5d05e0ffa93b6c08425f97f9ebb98bd8bab989bd9af89cec6aa43b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    0d0421190b53653a84638d6d0e7c2007

    SHA1

    0086d938d32a096dc5fae71cac1a2322dc97a83f

    SHA256

    859c84233a52004bd254909c994d3688e66a12f4bd7aa1ee62f4f9e097b7d248

    SHA512

    54c7030683770248b35696702ec06e56dae5b12da923a54b03fcaf5ab18ce7f93d6bd59fa4eb5755108ff2db07f513c26158e0954fcd97f701cda5dea4075ebb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    c83cc1fcdfbe6c508e839b175c4ce257

    SHA1

    db5d3dd72d728aa019214c3c3e310d9cb7c365a6

    SHA256

    edb25d596b2c7f09c72ecc53491c6ee2bcfc9aa244c3d8a51cd590cca8807fa3

    SHA512

    c176921b02450ca5956fb3f88803dd3adcfd737de9f15aa15bacaa72442ea436a1213c4532c3dbd7b1961fbba5bcf1aabbaf57f55987b59a5b6ba8f28ebe8a42

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    1fb89366446c83631728e24499c7f869

    SHA1

    2e00bcedf08072c24aed5c0044e7ef9182f93ec2

    SHA256

    b9f0d98107eec97213c5d74da071576fd8729a2605220c6ce6245cc0f33e66dd

    SHA512

    107a7fa636152a07f871df3498f9f3300a720eac962d591405929855daec4162000eb718b65b5e22efd6358660146fb0cd0d16d201e1df7bac2fd8523d3aa07c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5918.tmp
    Filesize

    118.8MB

    MD5

    f7c4fbc6090466ed8d116ca837e19a8d

    SHA1

    df0b34c1264e9d42841343efdc91c558d866967e

    SHA256

    d1ebe9754ad0060801f2a80431b8819a0212fc76a44a38fb41081ee3ad713461

    SHA512

    ce61c777cc005b1b424987119ad7d0f5270ae1ef44320d55e0ddb288ee88f3c2d2f24f19184f71bcc2aa4bd92bbf4a592cb183e987a7cd64864785103df27606

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5918.tmp
    Filesize

    118.8MB

    MD5

    f7c4fbc6090466ed8d116ca837e19a8d

    SHA1

    df0b34c1264e9d42841343efdc91c558d866967e

    SHA256

    d1ebe9754ad0060801f2a80431b8819a0212fc76a44a38fb41081ee3ad713461

    SHA512

    ce61c777cc005b1b424987119ad7d0f5270ae1ef44320d55e0ddb288ee88f3c2d2f24f19184f71bcc2aa4bd92bbf4a592cb183e987a7cd64864785103df27606

    Download Submit