Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

e9cb6af71f...bd.exe

windows7-x64

8

e9cb6af71f...bd.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    05/11/2023, 19:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e9cb6af71f2b6652a19f8d9b8c537332cff05c15c1ba710b1ba77a825e166ebd.exe

  • Size

    4.9MB

  • MD5

    686504ea18683ef47a1700c96d60b66a

  • SHA1

    bd83f7408a82aad453a447b004172464e67d6c1f

  • SHA256

    e9cb6af71f2b6652a19f8d9b8c537332cff05c15c1ba710b1ba77a825e166ebd

  • SHA512

    e1c784cac4a5a57859797eff51b09addb8f68a3419a4b115da54f109605d69e2c0da0cb77e290a55b5c19e78c0b7390cbf59180c3bf5bcc9a6be723b88aef9cd

  • SSDEEP

    98304:nrS2H6ei5ncznNN2co86WDASKdzOJDb4v+:WYzX2c6WDawN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e9cb6af71f2b6652a19f8d9b8c537332cff05c15c1ba710b1ba77a825e166ebd.exe
    "C:\Users\Admin\AppData\Local\Temp\e9cb6af71f2b6652a19f8d9b8c537332cff05c15c1ba710b1ba77a825e166ebd.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    3dfc923c57d935ebd39653774b77ea39

    SHA1

    1d7db8c6e47b4e49aca5830d372d79797ee27032

    SHA256

    d95331b8ba2b0e0a5fb88b89ffe0e8e947bac28468e1013ef091fcf693ddb8fe

    SHA512

    071e57aa0fc20466f5e92d3a6d87e403ff0eaec72d68b6c40be0fef198b80147bbac15b71edc18166d0a77d2967809fef956f1fc1ae1ce9f40e36162eee702e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    e934253f51c4969cb392f6c93c58c6f7

    SHA1

    d046591625c832af306834cbde0cd5762809f8a7

    SHA256

    d53003629a37403f1e4ea0e587d1625d5a8796a17fa4e4a98d497734bf8de874

    SHA512

    c15f3ffd632e86b262777e2bd8293896800e91685d974e0431b235d77c7225d6c9016f50bc48a6c1462fb1aa72885c99104d3a864d905abf42ba2e70c4910eae

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    c862929f033037bc88a9fbb721771692

    SHA1

    0d045bb43b4a9d67624fb3043b05334d30c725ba

    SHA256

    19a07f005779854d096b565a3ec65f3a46ac2df1ac248536679cac2007922be4

    SHA512

    7f11ec7ffb17d35752bdf09ca2139154106bdff61392a098705fcbb3b14cf03a63759235fd323f7b45fd7f6641e9b242ada9c5c4a8d6579d80ff5f80fa0ee649

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8B5E.tmp
    Filesize

    140.7MB

    MD5

    8c64c4d22282f23112d1cd6665ddd291

    SHA1

    d5a4ca6f0261ae2c7d0c882e952d3aab6de93894

    SHA256

    56252150c84539780d8c3c34e9f840c8cd2eecc4e701e7d7536b9a7bb68d8c49

    SHA512

    1c39f382770d76edc30ef1202ad40db1cffc892d0e993ef4ffffb1d924e111f812b47d4ba767e136a48be4309bc2048c21fdb620876ba35e2447601fc46c3ab0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8B5E.tmp
    Filesize

    140.7MB

    MD5

    8c64c4d22282f23112d1cd6665ddd291

    SHA1

    d5a4ca6f0261ae2c7d0c882e952d3aab6de93894

    SHA256

    56252150c84539780d8c3c34e9f840c8cd2eecc4e701e7d7536b9a7bb68d8c49

    SHA512

    1c39f382770d76edc30ef1202ad40db1cffc892d0e993ef4ffffb1d924e111f812b47d4ba767e136a48be4309bc2048c21fdb620876ba35e2447601fc46c3ab0

    Download Submit