Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

321e2219c4...e8.exe

windows7-x64

8

321e2219c4...e8.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2023, 15:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    321e2219c474298815d3c38561e644b18635b1df8086a81ebe46a97ab75349e8.exe

  • Size

    3.8MB

  • MD5

    6234ea5f0f8930440d7e970707f128d5

  • SHA1

    c4d260306a8539a949828bd19683df6442895797

  • SHA256

    321e2219c474298815d3c38561e644b18635b1df8086a81ebe46a97ab75349e8

  • SHA512

    6bf547fe98a8dbe3882f59275fca26a8379792a9e8b827f0cfbdce9d5342747adc729708aaf5462f3b1fe4c725240faac24ce8f172d0ebdfa1a04fae224ec045

  • SSDEEP

    49152:PyOjNMqkoakIOoq6K2t+GbzwIUFpzB+r5u8QeKxFOJxdb4vZKV:qcOxoa2orK2t+GwiKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\321e2219c474298815d3c38561e644b18635b1df8086a81ebe46a97ab75349e8.exe
    "C:\Users\Admin\AppData\Local\Temp\321e2219c474298815d3c38561e644b18635b1df8086a81ebe46a97ab75349e8.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    8d3f8f142a40121cfdb215c2e0daa719

    SHA1

    ae3dd3005e1318a25affe06559b43d7f9047e908

    SHA256

    c56a60218be2e3dce83a2f9ec0b7d6fa777e7533838d3c16061d5a20d5a7e94b

    SHA512

    8c439806519cab1473b3cd377f7abfeee3befca0a843598e9df69fa4448bb807a40e4bbb2837a1387df040be3326a1296d1e76a27cec416653ee5ca83ef4528b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    6f6eaef448506ee1487af707f4be9a89

    SHA1

    ff5b0baead69abb20ca7e71f99461a16d715bd5b

    SHA256

    28326b892c10a90ccee1612c01de796287d5b94c2a6209401bc945b9e0552a2c

    SHA512

    b4a39c27eefdd87df7bb0b42dd0919f04b54a0b642d9a4daa44cd45510ce36e90bc9004b26fc6533c33de9dbe90fbcb50ec88c5c5e214c07d4ca6a8149030097

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    92fcf48a5979a34c4a8c9e4f2a4aa7bb

    SHA1

    d5073dc324abfc1705d521f867e43aa1bdb99a1d

    SHA256

    bac167e44a8d90f71e4b7530c76b128b59e72aa11bb9a0eb38b89608cc0a9127

    SHA512

    b62994eeb3377a922886a928a4e3f5f2f7c5d5c70be98134a8aa2549a4496830844f7b9c6b37710f7d07933287ef22e6bc19ed04dc8de288dd138896d20a14fb

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    f9355379e94dfbcc892393763885de9d

    SHA1

    c5843ff4e19c2fa05f70c6ee0feae2ae1bc0e539

    SHA256

    4e5ab1db09c52606faab9c2513e1d7c3d73c05e5bfe0abdff68eeed59b6cb343

    SHA512

    d282eabcf354bac65be91d07c5ed851e5bceca889a91c94a6bd9663cce3d5f3a3e519e976d211010895e9e34a69b225201d3327429320c0eaf25a83d0218d63d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4605.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4605.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit