Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2f5a88d413...f6.exe

windows7-x64

8

2f5a88d413...f6.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2023, 17:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f5a88d41366e1fef7e7024f723671d57077bc0e4146231afd1c8dc9c3ef2cf6.exe

  • Size

    4.6MB

  • MD5

    5a9d3380cf501c4b742b74afa3581d7d

  • SHA1

    9da690240e6228670213b28bb8fd89975ff2d9c5

  • SHA256

    2f5a88d41366e1fef7e7024f723671d57077bc0e4146231afd1c8dc9c3ef2cf6

  • SHA512

    e979473a2d1c98ed4dcd6f76c79adaa0cd8122fe36f46f67b02c118cd80bbd2e770e1936ad8808b34eb5609aae5bf8ec7037fa7b16d08e9237fed538e1643872

  • SSDEEP

    98304:o4TjVBOWLl3ncPZRVxCK7MKdzOJDb4v+:hBO5RVxFwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2f5a88d41366e1fef7e7024f723671d57077bc0e4146231afd1c8dc9c3ef2cf6.exe
    "C:\Users\Admin\AppData\Local\Temp\2f5a88d41366e1fef7e7024f723671d57077bc0e4146231afd1c8dc9c3ef2cf6.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    faf7104339ec400942afa5bd8a0ad7da

    SHA1

    90f86fb66c6b4c42144437f5f3871d398262699c

    SHA256

    f6b0390ed1d9490f6c2d6fb6cde11a4cc55a5ee61bac72a138c424a2e8e251c6

    SHA512

    93577b21e88c74745b2fffadd5d41de7bc94ab59ab4c93581809ed7603ad8224373ffc679699e7c6c068be298ae48d65dde828246e5c73c0fa569e46bd2dd549

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    27ecf070835cb40dfb50865700bb2887

    SHA1

    35fac39fb62c795785be5b1258267afa60a5c1d4

    SHA256

    1e239834bf17f412eebf390ec97cf4cbb4ec4764d25300dc16f23019c73f0105

    SHA512

    4be52e050c72f708e4291be0d4c73ecd66cf115600f1ef604ce9d88c1d03e305165e803194ee84cfe51232a257f88f6d1e8a59a630b44923ed11f461124cecad

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    9841837c127dcecc0b578710bccf01fe

    SHA1

    c6933086380fc132a801012ca7b3abfe4fdbb28d

    SHA256

    5d3666daa099229b877f1233161c1aee7fd732dfcd654c596611a8ce92f10ee9

    SHA512

    fe7218e65b641b8cdfac180eb67bf1abe32d5165da8a810d4213c0dcecbec819bd3809d04fc3a80f0ad2196b244aa5d4316ab48456893023d5cef0533c1abcf5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5090.tmp
    Filesize

    154.6MB

    MD5

    cafd1e472d9f2eb5bde2d3244df90da6

    SHA1

    c188b51690f9d4119db9da270cbb9d98850a697e

    SHA256

    ef876bc431d575ec6e11e9aed0388cfd0f261bd5a8b7b4894cd3312123e9e69d

    SHA512

    2505366a92c24cbad8688caf7cc10d3ed1143ac154da126c2053472c437c14a456b97b3a71a87f24836a27a66ca894e7093610b40af609da34054f0066bf027b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5090.tmp
    Filesize

    154.6MB

    MD5

    cafd1e472d9f2eb5bde2d3244df90da6

    SHA1

    c188b51690f9d4119db9da270cbb9d98850a697e

    SHA256

    ef876bc431d575ec6e11e9aed0388cfd0f261bd5a8b7b4894cd3312123e9e69d

    SHA512

    2505366a92c24cbad8688caf7cc10d3ed1143ac154da126c2053472c437c14a456b97b3a71a87f24836a27a66ca894e7093610b40af609da34054f0066bf027b

    Download Submit