Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

47d9e028f6...0f.exe

windows7-x64

8

47d9e028f6...0f.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    05/11/2023, 09:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    47d9e028f6978c4199c6306d3f2da2766c8392b66ef83068b0f4bb1ccc42540f.exe

  • Size

    4.0MB

  • MD5

    f0f875f6f788ea7944800fa02e122a43

  • SHA1

    938f2ec6217242c143ae00a8e6ac1c72ef5e1b79

  • SHA256

    47d9e028f6978c4199c6306d3f2da2766c8392b66ef83068b0f4bb1ccc42540f

  • SHA512

    25429bcb6a8bb09542b0101d36d7a47bfe3e1246c25a982d7169ca4b12fdd3664a6b59ce1f5d798f1e3a86765c9d2f70f01e3f474a74621572c87519c5c0800a

  • SSDEEP

    49152:6ub3nCuhEBygPHQK2FWK9w8Y+r5u8QeKxFOJxdb4vZKVx:hb3CuhEcgYK2FhKdzOJDb4v+x

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\47d9e028f6978c4199c6306d3f2da2766c8392b66ef83068b0f4bb1ccc42540f.exe
    "C:\Users\Admin\AppData\Local\Temp\47d9e028f6978c4199c6306d3f2da2766c8392b66ef83068b0f4bb1ccc42540f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1380

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    80061a6d5acd0ab666a4029a42153ee2

    SHA1

    251ab917ddd61e44b9ebfb64620ad1c641dba40e

    SHA256

    8a7626e2406dedabf0efae1a9ef49ae8104a59a0cc3bc01c8ee1442ab3bfe789

    SHA512

    efda333b30a100a6cacbfbabefec89d07108097e08f17bc5a672e1614479a865a6db4c4763301f7ee9a0e030d6db7313b1ab5de94ff7315be61b7d5c438329e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    b1ab1bfff7d85be8165ee4b8ad1257ac

    SHA1

    de4409a8d5edef5f4f32761685ae6175b281975e

    SHA256

    42fd422ac34c7345c7bf3b664241590eb082e2d1b422fb30a1b7c1e844262a6e

    SHA512

    869f9a66d9c6560f6c96ce9d6b706927116e80c4ba96940283bc0dcf39df6eebf3710b7db9be03f487428dcc5c5f76a6511de7b7da2ddfb4415d482f3e48cb51

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    1c7684eee53f383a8342cb63a44bddf3

    SHA1

    72c8c42d2c2f0b26de2f20e20bb9cdcef24a98af

    SHA256

    e908a2343b92364babd4b94aeaf42c1348b8788bd0aae094ad73d94bbfca69ac

    SHA512

    707e4f3116fb50ea7d658328cd28007a2ea716bc3fcd8fe299ebbf8dd7a89c5f5c7d44eb61220dbe3c99d527680732c44fc625007c73a6c12b07038e92adedab

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb559F.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb559F.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit