Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

cff533387e...4c.exe

windows7-x64

8

cff533387e...4c.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    30/10/2023, 15:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cff533387e184bc6cdb21045f3a0cf998bc069826a5ae3225190eab7478a244c.exe

  • Size

    5.1MB

  • MD5

    d6cbcfc07302de8c403bb8796888559b

  • SHA1

    bfe8eee9cd49082db1239b23ee58f3a569540f9d

  • SHA256

    cff533387e184bc6cdb21045f3a0cf998bc069826a5ae3225190eab7478a244c

  • SHA512

    ea575cbe1337cc54de24e697db3072330f3be30665a2a58c0db3687ea18c4979b7ead292b1fdc141d1071ce2f3210d9d2c43929967ce91c8c03fc7b4dd77f7a9

  • SSDEEP

    98304:Tu6wCUb2ZLddnXEJiDEWo5KG0uaQ5bzOJDb4v+h:TG2d65ZHTGN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cff533387e184bc6cdb21045f3a0cf998bc069826a5ae3225190eab7478a244c.exe
    "C:\Users\Admin\AppData\Local\Temp\cff533387e184bc6cdb21045f3a0cf998bc069826a5ae3225190eab7478a244c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    f124f71c6e928261486ea16bd131dd0a

    SHA1

    0bcc0e10d57cf0c53c54cf6858a44a4915d97643

    SHA256

    b740f2bdf92f031560491e4893c26f7b828e681f3bec7889767039f89d9c76cb

    SHA512

    766fe6dcb56e9bd5f881d3f744aa1102004f7383732f76538ac531e5e441470e518dec20795338638f1c8cb509a3a499b7bc03592850f7a627eeac106ac9ce3d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    62a7ad84efd51f970de07dcbdc1c86e3

    SHA1

    94dcca6397e2a801b63eea1832dfd392bcb84cef

    SHA256

    4118a7fa24b49af06ec48a9e0907b63b5b094fa493705623703e1fb61da5f25a

    SHA512

    ce2a53eaaf7a3142c982988a5329bbe6197b45d28e3811bb69a93208d349d04b4f021f2d94c02dcafe4f1c725c1b1e3f326cb76e8de78d5a2235838cf58ebd24

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    62a7ad84efd51f970de07dcbdc1c86e3

    SHA1

    94dcca6397e2a801b63eea1832dfd392bcb84cef

    SHA256

    4118a7fa24b49af06ec48a9e0907b63b5b094fa493705623703e1fb61da5f25a

    SHA512

    ce2a53eaaf7a3142c982988a5329bbe6197b45d28e3811bb69a93208d349d04b4f021f2d94c02dcafe4f1c725c1b1e3f326cb76e8de78d5a2235838cf58ebd24

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    f8a8637b128a95474c1761d2a5412296

    SHA1

    3583f7507f0c6d399e21ac5c68ec0a6ab50e51e5

    SHA256

    8a60a154182ea6aa5f80f63fd1a4333f998c77d384b9519bbc78d7475c05f84f

    SHA512

    656aaf966870e31f112d535776c2648898d6fe710468e2df3f07ff3f251fd7c1445bcb68a328405ef00f0e504ce76e75173b85b05481d4b768213a21192d290f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb2F3B.tmp
    Filesize

    136.2MB

    MD5

    ef68bea10d8fd1961b62344b10441370

    SHA1

    16cf7666993db08e0d653e231d5bc23f4d8872ac

    SHA256

    aa98b98ee1e3d1d59bcdaf862261e8eec94873a1dc5c473e46077d29ac3c87da

    SHA512

    bc93fb83a8015ec55e04eefb636b3997c7cd7fbf71426687914e4a03d5dec436b740606518da29e60b4921b30a6fd930cccd0f9f3f31280a473cc284b453cd9c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb2F3B.tmp
    Filesize

    136.2MB

    MD5

    ef68bea10d8fd1961b62344b10441370

    SHA1

    16cf7666993db08e0d653e231d5bc23f4d8872ac

    SHA256

    aa98b98ee1e3d1d59bcdaf862261e8eec94873a1dc5c473e46077d29ac3c87da

    SHA512

    bc93fb83a8015ec55e04eefb636b3997c7cd7fbf71426687914e4a03d5dec436b740606518da29e60b4921b30a6fd930cccd0f9f3f31280a473cc284b453cd9c

    Download Submit