Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

a4161227a8...ff.exe

windows7-x64

8

a4161227a8...ff.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2023, 12:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4161227a8b4345a30e4e4cfa78c536d775a5f7d0cb49df97aad759cc40536ff.exe

  • Size

    4.0MB

  • MD5

    de621a353094b438ee0abe1c1f1f69ee

  • SHA1

    053e855fa5c262a7e3167eaece8080884d988066

  • SHA256

    a4161227a8b4345a30e4e4cfa78c536d775a5f7d0cb49df97aad759cc40536ff

  • SHA512

    01f5b35c844dfee267adbc3b036e3f0f995539199b6ad42f1b2d61dae5d8540b12d8debfbffc0e620221179f425176d10d727b774802d2c415b634dcd1657b2b

  • SSDEEP

    49152:lv4THDVBJQWLz53ncPlXO3doY+r5u8QeKxFOJxdb4vZKV:V4TjVBOWLl3ncPS2KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4161227a8b4345a30e4e4cfa78c536d775a5f7d0cb49df97aad759cc40536ff.exe
    "C:\Users\Admin\AppData\Local\Temp\a4161227a8b4345a30e4e4cfa78c536d775a5f7d0cb49df97aad759cc40536ff.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    ea501228e2d1c206f05c41b16aad2470

    SHA1

    8a57bef1f25d96c977b2c27ac0cdf150b97cf28b

    SHA256

    d212794bcb1e9c0c37e4a142c86d477fca6f1a2a77a315cb03fbc7aef7008ef6

    SHA512

    3071e27dce7391c8da58de3d64cc98462d26ba46c1bc32f3b4a2891183001a345456ed2d44637d8d016aa441fd17c31e489a3bc806f4ba695e71332f645b5edc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    cb4ba0d7ca172a980d9600b228752e28

    SHA1

    8089c9f94a28821523e221b442229fe071dba475

    SHA256

    1626a34b9d52bbb0d7a5d7527fd7fbe923cd8cb28fc7567c9e4081119097e2c7

    SHA512

    48d378380b71e04047cf7a1c410ecc31a6b1050460484963e200ffbb7e84b5364bf499d5cbcaf78725ce6f11a529084dc45e5ad85a8d0eba24db49d4de309826

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    47590cc723904ff08aaba3923ef2a158

    SHA1

    75ebdd8da920d01d7ae18d675afccb9dd6ea5291

    SHA256

    c0bc0a6dd74a0fa99647c173d80a19fd29a5b3bc0c6204d9dcef1c4925da126d

    SHA512

    8a3dbf3f8cd31295982d9deeeb9bc98e6bf7ad29d011463b40191e36c8f0db3cbbc7de567f34f5150cfc46d3565845afea0c5b23f1d40f10df595ff2a904f896

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    5c81c2a19c0cbb1beec003492b61de85

    SHA1

    2bcfd8857d031674dd20d811b4f4b2c69f21f9f0

    SHA256

    32228bcba1660399c58bbd182333fc40d213d4fd0534ccc0d029bfadd05254cc

    SHA512

    9c4f783b8b31acb8b56a1753129283c73000d1a408a24a788af648253d0b74d5b940cd21a760a702e323954091467b8300b9ad5bcd49a14a384edb25cf244fe3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3D6E.tmp
    Filesize

    154.6MB

    MD5

    cafd1e472d9f2eb5bde2d3244df90da6

    SHA1

    c188b51690f9d4119db9da270cbb9d98850a697e

    SHA256

    ef876bc431d575ec6e11e9aed0388cfd0f261bd5a8b7b4894cd3312123e9e69d

    SHA512

    2505366a92c24cbad8688caf7cc10d3ed1143ac154da126c2053472c437c14a456b97b3a71a87f24836a27a66ca894e7093610b40af609da34054f0066bf027b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3D6E.tmp
    Filesize

    154.6MB

    MD5

    cafd1e472d9f2eb5bde2d3244df90da6

    SHA1

    c188b51690f9d4119db9da270cbb9d98850a697e

    SHA256

    ef876bc431d575ec6e11e9aed0388cfd0f261bd5a8b7b4894cd3312123e9e69d

    SHA512

    2505366a92c24cbad8688caf7cc10d3ed1143ac154da126c2053472c437c14a456b97b3a71a87f24836a27a66ca894e7093610b40af609da34054f0066bf027b

    Download Submit