Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

78d8b2b344...10.exe

windows7-x64

8

78d8b2b344...10.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    01/11/2023, 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    78d8b2b3448b05d12d87fa0f23e62a6687eee2632d1e1930e45920ecf73a8310.exe

  • Size

    4.8MB

  • MD5

    8566792a5d8ad8b07cedbf6c675a3f07

  • SHA1

    d82fa8ddd638612efb11e6d1695a0800a7cd4212

  • SHA256

    78d8b2b3448b05d12d87fa0f23e62a6687eee2632d1e1930e45920ecf73a8310

  • SHA512

    77980c555bd47e550191f7e0b77e58d911c118a99b2d3c13cec5bb481fdb65fdf4d55ba7caa9bb65e0af5d2f1315a4aaf0cd8fe223a2ccd4dfdf2e6d2397a6d2

  • SSDEEP

    98304:7TVlYQiFIUueAAu2PkcCO3LUKdzOJDb4v+es:NlY02PkcFwN0v+es

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\78d8b2b3448b05d12d87fa0f23e62a6687eee2632d1e1930e45920ecf73a8310.exe
    "C:\Users\Admin\AppData\Local\Temp\78d8b2b3448b05d12d87fa0f23e62a6687eee2632d1e1930e45920ecf73a8310.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    9943b0dfacd1fcc96d7b1d6b4c48e903

    SHA1

    8554f0c7ee04fecae9cb8b47aee6053fb174cab8

    SHA256

    b2d8adb1675fadfdeaff71767df0f98a2f5cba7a71de8e9205e5dc0b957161db

    SHA512

    77659d5dea156528da7218ca0ec1c0e76fe14d30fb007e5a9356f69382ec5889d6430b523562fc79ada8291b608be19634901f9b1f9da1a9a262cea2fd929816

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    20b5c1d154b30f8702991fbb2334e944

    SHA1

    03cf036f9b5adb9a52a773a54b2703550edceb54

    SHA256

    267924100ddbede6af1296858a04dd2e50665746a72631041b40a380e2651899

    SHA512

    cf36c6abb9139bcce52cd071b642c8459fbc8fec07d71e198733705c6920996f8ac88687a05a51f47069eaf84bfb195f496334f1b43b30c52148180fe0c315ad

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb51A9.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb51A9.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit