Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

a01c5bec56...c9.exe

windows7-x64

8

a01c5bec56...c9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    02/11/2023, 16:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a01c5bec56efe88916340fd313a09e8916b2307e872725b36d882349078eb9c9.exe

  • Size

    4.0MB

  • MD5

    42c0b0eb62decb1b43572da9db003a95

  • SHA1

    f9fe5285454737bcd62b8baeac281286ba8de09c

  • SHA256

    a01c5bec56efe88916340fd313a09e8916b2307e872725b36d882349078eb9c9

  • SHA512

    76c4d52fed47d24120f12e5ce5b159b393d4eb0bc01442b5ceb9299d099af2d787f21ce710c6904f94628b08750a1e29bbcd49dfc382c568bb5a40f50430d90d

  • SSDEEP

    49152:3ub3nCuhEBygPHQK2FPzhhe3Y+r5u8QeKxFOJxdb4vZKVU:+b3CuhEcgYK2FoKdzOJDb4v+U

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a01c5bec56efe88916340fd313a09e8916b2307e872725b36d882349078eb9c9.exe
    "C:\Users\Admin\AppData\Local\Temp\a01c5bec56efe88916340fd313a09e8916b2307e872725b36d882349078eb9c9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab9243.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    c75fd043c966668814ccf133fe594497

    SHA1

    871582488503af72017829b3fcd1989db74e369d

    SHA256

    13e42552d4366df58b5f9fe54a7b4fca0b569edbd6b1c304f23874cc8126cae6

    SHA512

    1b6e9b6fc6b055d3d90fe349dce81bb29a5f6821734a48dafab7a7b60ce17791433cf47699610425c58f3fc2aa6f190547d5b1252212a1b6d30d77f9e4fa6eee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    b4e58c67873b5eb6cf67b75173e96c24

    SHA1

    a657060ed581b0d1a86723e9362e179b0e0edd75

    SHA256

    6c479f61efe314f52039d71a61da1269ee760b29ec20db27c0da2eb0f0e6e389

    SHA512

    788ac2f8b8e65c8c124111d2ef553b3f5ca237a3016c973b4fea3b74691a443c6c36b46665b3f544ed1b966a49196cd5f791cead67500469beabe372083effa7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    6e4995ccf45cfc3c3b985efe644018e5

    SHA1

    e930ce430510d9785efd97ea1e73137b77dff4ca

    SHA256

    fd8ab1bc7dde17e3ddfdcc0c4d4bb79cabae5bf6b827d543f938676033dae685

    SHA512

    5de8a3c510555aba9426bcd3d329ff2646fefe427de1a5cb39d488805081e8e13148a621fd361f6a8d2f79b97bbae42d0596410cf4f6e10ce7e7f8e7a1d72e9c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    3b0dea922f1220a08181f9c1908e7238

    SHA1

    654c53cd7e4bbbd2f904ae51bc1fb33d34387c6d

    SHA256

    462ab9cfb986a79e9cc6b3d03093c49f913e81f3f3a893dcda964a61514f8c65

    SHA512

    f0e7e2bbbcd4d08d090dd32120dba642be36db9a132007b17f49e64dc35ebc2b14ba34b9d8a5dbaf4bb85b27a94c3121159087368e13f595399b4ac3e9399a1e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8E89.tmp
    Filesize

    155.1MB

    MD5

    3469020b81ad87c33bd9e36b3e3e6ba8

    SHA1

    008a1622d92eba3c935a8a068e7125e1c2fdd3c6

    SHA256

    8b3569d4f33acdee3884afe9ec30d6a91bacfafacf7f324371cfbc4fcaad1933

    SHA512

    c892acdde8b6b7269144702a6ae12f27d4c637cad4d6eff9dbdeba6f9ed656220922b088901daa835b7718e998623552d5d8af38a19e4322bbc07fb9af1d9ed9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8E89.tmp
    Filesize

    155.1MB

    MD5

    3469020b81ad87c33bd9e36b3e3e6ba8

    SHA1

    008a1622d92eba3c935a8a068e7125e1c2fdd3c6

    SHA256

    8b3569d4f33acdee3884afe9ec30d6a91bacfafacf7f324371cfbc4fcaad1933

    SHA512

    c892acdde8b6b7269144702a6ae12f27d4c637cad4d6eff9dbdeba6f9ed656220922b088901daa835b7718e998623552d5d8af38a19e4322bbc07fb9af1d9ed9

    Download Submit