Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

d1ddc7a618...51.exe

windows7-x64

8

d1ddc7a618...51.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    06/11/2023, 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1ddc7a618da0fede52333d6a87a976b41644b0e10a90b26f971f72709e8c251.exe

  • Size

    4.9MB

  • MD5

    aa7ba94db665056f7d1ab0944c2596b9

  • SHA1

    b2a8ef6426c85a953ebd8f2d79d8ca91eb9b15c2

  • SHA256

    d1ddc7a618da0fede52333d6a87a976b41644b0e10a90b26f971f72709e8c251

  • SHA512

    71a6eb17f782a944b96edfd4c156dad817928cc21de5191504033da58f808dbfe054a359e9b59ebda806355ecc0830965fcbdabbde83ee84092bb52c71d6beee

  • SSDEEP

    98304:nrS2H6ei5ncznNN2co86WDASKdzOJDb4v+:WYzX2c6WDawN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d1ddc7a618da0fede52333d6a87a976b41644b0e10a90b26f971f72709e8c251.exe
    "C:\Users\Admin\AppData\Local\Temp\d1ddc7a618da0fede52333d6a87a976b41644b0e10a90b26f971f72709e8c251.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab3D03.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    b94f2b40fb99b2edaf125c2e07ca9291

    SHA1

    e56b0d347a931a91fd3f522a2c4a5cc4a67f7790

    SHA256

    98f50a24922e2f0c5815c57c8597a2c1126984e3e49c939c68a3bcf1525e0c8b

    SHA512

    2197541db6ede85462f19ac24d58c6d7ac44ee62322b6bb5ebf2068ff42fb7dfc2968a89fbec62ea098a77855c87b081922a1161a2b0c6d488ce086592325234

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d7b7ababddc256a236f64c50eecdce49

    SHA1

    09913a0fc27b36e5ea160e48c719d42c306a9acb

    SHA256

    fc2e3616e5cfc421d36fe4eb1d2f70c0927017804a5579b7455bd774496ec6a5

    SHA512

    cce4b66c17eb8e35648085b4d7074915b013658ef6abe459bd8d5b30d65f9d84034a23268330fa3a10bef8bcff2d725213cabfe13339f187647cfa2191bcaed3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A04.tmp
    Filesize

    140.7MB

    MD5

    8c64c4d22282f23112d1cd6665ddd291

    SHA1

    d5a4ca6f0261ae2c7d0c882e952d3aab6de93894

    SHA256

    56252150c84539780d8c3c34e9f840c8cd2eecc4e701e7d7536b9a7bb68d8c49

    SHA512

    1c39f382770d76edc30ef1202ad40db1cffc892d0e993ef4ffffb1d924e111f812b47d4ba767e136a48be4309bc2048c21fdb620876ba35e2447601fc46c3ab0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A04.tmp
    Filesize

    140.7MB

    MD5

    8c64c4d22282f23112d1cd6665ddd291

    SHA1

    d5a4ca6f0261ae2c7d0c882e952d3aab6de93894

    SHA256

    56252150c84539780d8c3c34e9f840c8cd2eecc4e701e7d7536b9a7bb68d8c49

    SHA512

    1c39f382770d76edc30ef1202ad40db1cffc892d0e993ef4ffffb1d924e111f812b47d4ba767e136a48be4309bc2048c21fdb620876ba35e2447601fc46c3ab0

    Download Submit