Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

88b2815a52...95.exe

windows7-x64

8

88b2815a52...95.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 17:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    88b2815a525f0f3004fd9eeb0f0dc0c127fe77600c09e41693566a03b3903d95.exe

  • Size

    4.6MB

  • MD5

    dd64e359c4fa21905acaab47d6e883e8

  • SHA1

    10e0477c586d3d9e49ec20a3893f33a21b25f66b

  • SHA256

    88b2815a525f0f3004fd9eeb0f0dc0c127fe77600c09e41693566a03b3903d95

  • SHA512

    f64b639a61b17f440ef3edd721ac9e7836746c6b9057c9919e07c2884de2f6f498c6f5e54a6c1ae50630a38d73760040ce54e144c7505c1aed3b4e368d74987e

  • SSDEEP

    49152:NDnaVVMzMvkMUzM3n5x/fJ+OeJWLmVrY+r5u8QeKxFOJxdb4vZKV:taVizMvkMUg3n5xLmVnKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\88b2815a525f0f3004fd9eeb0f0dc0c127fe77600c09e41693566a03b3903d95.exe
    "C:\Users\Admin\AppData\Local\Temp\88b2815a525f0f3004fd9eeb0f0dc0c127fe77600c09e41693566a03b3903d95.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    f0afb791258a83ee367b9993ef1acf2c

    SHA1

    63b1c9fb2d21b056d897ef172fcc7d3e09cf95d5

    SHA256

    a0a255c2b879b567df10dcfa031821e652f71229c5325301b20891109f875199

    SHA512

    2ced7be5c4c6306f198db7c7a47d192d7cad97524c6218942fe74c355faf9a268ae3033390034966281da8ff91fbd19ad06edd8c1224e132f9af2ebf93b40e27

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    b5aa18f74795791e712f027a0a43363c

    SHA1

    0846fcbebd5d402b4adc655909f15d04bac0d63f

    SHA256

    eedb44308d54ee4ba173fabdef03342a2c99e536f54fa86910abcadf80a977be

    SHA512

    aa6f21dac06af5ea3740e7b546811c7ba5451a2621ee59ea35e8e23cca02e9e050b1dd1f34122d568e476ed18fd17ecbced88e58ff23cb43ff14fd0879c110dd

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    a718106330907ff9d5445eb51dc833ea

    SHA1

    5e36320e11f1be123e96eb4ea8dc1524beffe813

    SHA256

    c01308070873f209f091b2807399306c92b564109a63619243bb1edcda482e5a

    SHA512

    50f708e3f5ab52a1430d59b9a981bc0afe78e941380a2ba8b12b781870dd0adc4d6b9ddf60a5b8ddfad20c395b2d2e50142b596cdd6bab2641840f717e36dc61

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb2BB2.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb2BB2.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit