Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8819c4552f...11.exe

windows7-x64

8

8819c4552f...11.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2023, 12:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8819c4552fe3cb793b5a8e97a5cf8c3dfb6c401deabcc9203a79a8b7f4f05211.exe

  • Size

    4.9MB

  • MD5

    2b32691dc797af76da3fa995527c3d7a

  • SHA1

    69a134f860495040d236364c3d2271069d98bec6

  • SHA256

    8819c4552fe3cb793b5a8e97a5cf8c3dfb6c401deabcc9203a79a8b7f4f05211

  • SHA512

    2a7f87eda885b09ee8cd576b62c840b04e3656dc0602284754e0bb8b8b12d284bb76c4553084dd0292a769deab272b785c9e90db2afcc3f4086193244808a901

  • SSDEEP

    98304:JmHxs33+rz+kDBre2PUi7KdzOJDb4v+y:MxsTf2MHwN0v+y

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8819c4552fe3cb793b5a8e97a5cf8c3dfb6c401deabcc9203a79a8b7f4f05211.exe
    "C:\Users\Admin\AppData\Local\Temp\8819c4552fe3cb793b5a8e97a5cf8c3dfb6c401deabcc9203a79a8b7f4f05211.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2164

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    bfebb29d8092dc954c213cbeb6ec18fa

    SHA1

    3b87ec38510bb0206108c8d83f553abba94c4bd1

    SHA256

    9639146f0f666a127e764a29d7fe1cd93e7ba76d1e5e238771efa4c22c72cb7f

    SHA512

    39383787ab8f885b9d9b5b3d92501bca1867bd81254f44ab9b044617f201329b74eccda7a2390412fc0be8c72dc2d38d2cd092a7190c97ef0f390664ffd45c32

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    7cfeb2acaea1a01066fe859a7af27433

    SHA1

    acd731f32b54eb2ef3a21e36fb1f5f0dd3d2a6f8

    SHA256

    6a6274a7ef70ebdae1806ba2d8d2ae27948c2f5bc985f724f250b480c4923fa2

    SHA512

    21a379d94b78a7f25aa27000e7a3d52fe69b9558197be986c80a25185b9961e9d97ff448a686e4a9759bdc28a3bcc901a37cd18123952597040e597d985f1691

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8E89.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8E89.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit