Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8065444d32...34.exe

windows7-x64

8

8065444d32...34.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2023, 02:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8065444d32456f709bb9c0b336a418e5bcff915ede6e32fc20bdfdfbaeb31834.exe

  • Size

    2.2MB

  • MD5

    0383478b467ce77b9002c405db6101a9

  • SHA1

    6a6ec03c9e7f3846e95286ce376bc25d5e5d7443

  • SHA256

    8065444d32456f709bb9c0b336a418e5bcff915ede6e32fc20bdfdfbaeb31834

  • SHA512

    5234a100f56d69d2a4bf9ab998ec67f8cfb028f114615d799d27a11c1e90887feb456ae7df61c41a119e4ce851fe36f4f2d88cdec9b50f539d06b40aa8e057f7

  • SSDEEP

    24576:0GcXsDx1pJ2ilyH0IYnDB2+egHdwLj+582TvRbLFTeX1ZED1c/OtTz71+iXaIyFb:9YsRIiflDSgHdwLKhTjW1ZGcATSNeLC

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8065444d32456f709bb9c0b336a418e5bcff915ede6e32fc20bdfdfbaeb31834.exe
    "C:\Users\Admin\AppData\Local\Temp\8065444d32456f709bb9c0b336a418e5bcff915ede6e32fc20bdfdfbaeb31834.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    848daee2e36b6603b98cacc09db3a43d

    SHA1

    ff1fcf2db214ec17adcb057a5c9d134f91f7ce6f

    SHA256

    e5850cb064ac6e9414c8944c6089721690f21aad7b9d03f5b4a67ce4b693ee09

    SHA512

    31af75fd816602a76261da6637e2eb9f45003416e3156d62f050b6d0819354bad81eaf9cf89fe8d444f50ab3866a6acb0b7f8d0368aa256584fbf3d685f88734

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    28eaefac8b9073435a074561d7b41b9a

    SHA1

    b6edcc2dbe5c30908698d6608806a5286dfdda9c

    SHA256

    4fb85ca95faf6a0ad9deab61a58de7c8e6cacd5f622568659d80398f84341d9e

    SHA512

    ec7c76ed03fc75f953825fd925fff5074374e95006e7f4827c2f7f2e9c2b331ffc47e2eb9171f53d8c07e7d8f19376485e67b39c8a832af0e9652ef949297122

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    bb3b72a168de8c0e24d7585fb8a42c19

    SHA1

    3fc0a11ee3c98d2fb52762212914b24684ce6965

    SHA256

    59cb7cbdbbdb10221c30175bf1656f2a8dabf6fb5e99d6c5f5bd374fa7247bef

    SHA512

    daf1bd159e53e483869269ef8c88a46f7088b52fa126704178898b3496450cf8a91fe6bdc3ff74aed2d85d75691a695a967052bd2e48fba2f15fe2b33d0b2360

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5EF2.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5EF2.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit