Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

b5f5a7acd5...4a.exe

windows7-x64

8

b5f5a7acd5...4a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 17:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b5f5a7acd5dd5b713c65e6680d063c1884b0e971c695ac26536b2ce17a52d54a.exe

  • Size

    4.1MB

  • MD5

    d062258ea368b416706a0ebaa0c7166d

  • SHA1

    9b2ea386b7ee7fd6e87937f4ab014654026452a3

  • SHA256

    b5f5a7acd5dd5b713c65e6680d063c1884b0e971c695ac26536b2ce17a52d54a

  • SHA512

    55a3a40ecdb5ea2e9cdcf64885e2f6ecf0eadf90a40a2e9316fafa599e446d1e2cf639c192ff1e154787a4ec3f4e1eebe5f9013e37b9121915aa9265eb1eae98

  • SSDEEP

    49152:KDnaVVMzMvkMUzM3n5x/FJ+OeAY+r5u8QeKxFOJxdb4vZKV:WaVizMvkMUg3n5x3KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b5f5a7acd5dd5b713c65e6680d063c1884b0e971c695ac26536b2ce17a52d54a.exe
    "C:\Users\Admin\AppData\Local\Temp\b5f5a7acd5dd5b713c65e6680d063c1884b0e971c695ac26536b2ce17a52d54a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab4F0B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    cb5a1007dd44b2d2ce1048a8edc95cdd

    SHA1

    2ceeff12ab5fb4d8288cf67734f464b4119d7bd3

    SHA256

    3face04ce3baf8ccd80fd0315404396bd789a348334126632213454a0f5d4608

    SHA512

    fba3770c8249a81dca664e3f9c064baff6c5dbdc3bf783b45d351801ac9f01e2e5ec23bad8ffa169eef9cbf7cc15221695b341784faebfa1cada0daa1bdd9124

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    81a52464fe7ac5d061fa41f665833170

    SHA1

    dff4efc534c7f158b79d0bab528ca8cc60b07e94

    SHA256

    7169b471c78bec96b16ac85891d639f4512f66738b4a246885e6e19d750bccb9

    SHA512

    d481c72dc10f6f0282b6bc0227abe97bfb07b9c4793aa69cd7b065169b819370ad22a2600b27252e681fe78003e3dec4efee67e4de584e54318d06fa452dd6df

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4A1A.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4A1A.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit