Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

d4b928bd5f...f6.exe

windows7-x64

8

d4b928bd5f...f6.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    210s
  • max time network
    246s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    28/10/2023, 18:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d4b928bd5f66f4956427287c96a8d96c941dca139af388e8eca3c2d5f1733af6.exe

  • Size

    4.8MB

  • MD5

    45d69a3673f95b8fe96738c364b2d3d9

  • SHA1

    abdbfe0350b951ac98ccfcf7601272c5723a115f

  • SHA256

    d4b928bd5f66f4956427287c96a8d96c941dca139af388e8eca3c2d5f1733af6

  • SHA512

    2bf555ff3e7983e28e9b8c01b773bf4787e698981b5566958f351549a4d9a368c6a9e1fa15fe736cdd0145551146f00ce0549d01ff399317718e893cc01efe71

  • SSDEEP

    98304:7TVlYQiFIUueAAu2PkcCO3LUKdzOJDb4v+es:NlY02PkcFwN0v+es

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d4b928bd5f66f4956427287c96a8d96c941dca139af388e8eca3c2d5f1733af6.exe
    "C:\Users\Admin\AppData\Local\Temp\d4b928bd5f66f4956427287c96a8d96c941dca139af388e8eca3c2d5f1733af6.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    f29384292b6034d796d7390a8705169b

    SHA1

    bb87ffaf71006c505c35fa1cee753d884568ab32

    SHA256

    aad1dc43d279b8fbcc4722479198a65e0fcb5111162255a1c19f1f8de1c2faf0

    SHA512

    40b45e9b76a513779ff5e55fecc03ac681c668c252c3300951d276a671df06da3f35a3d30d92f52ec65d7632f17d141e97b570cda67bc37acd01fd41e1e2cae6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    c2ba69c24110bcc84a19dfca3de32c62

    SHA1

    9848f1a31561cc289c8985fe9e8b7f3c0bb4ebb4

    SHA256

    9195c1eae1e4a66431a992d6338f28347285627db31d7be7a24925e9bb2ae3fc

    SHA512

    f4e6af7a636f6ce3c2bc98017289f30a8e6f18683b77a04cfb017a23fcf5d8baa48f4d7290c5ce0e847c96836c05620e4f042c55e3b062f394d5ffb567a052ba

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    951eff0846a6ac72bdc100413cbf04be

    SHA1

    b07d0e3972d9ea928f5a330aeb6fd7b3914124ea

    SHA256

    f501b545c921b83157aa34fd1522f6f0de26a4daee73f5b97f4a980aa1a43170

    SHA512

    11e9932f579d104a6ee3bebf7faba4c6a9e167dbd9a37abb20560814abc9b52b30245e788201d8d8b5a2798b9749c74c190e24477b4b7473060ecf240ce6fcf3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb363D.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb363D.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit