Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

faf34c4d61...7a.exe

windows7-x64

8

faf34c4d61...7a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    136s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    faf34c4d612776e66697f95d2dd0667286a518b51ccfe82ebc204cc5c7ee4a7a.exe

  • Size

    4.8MB

  • MD5

    4fc6d54dd9f2211cb4a5e35297e18a12

  • SHA1

    e7369cfd2bca7bf65b4a674394ea32be4b899086

  • SHA256

    faf34c4d612776e66697f95d2dd0667286a518b51ccfe82ebc204cc5c7ee4a7a

  • SHA512

    a03a0600a94c3a64955b44a126105bee5c387730ba2d70d16218a58adcfd0a10c4244ef26dc18699c31363694c08542bb3303d60ca774fe2c1463454d940ebac

  • SSDEEP

    49152:dsLru7MMI9WcHupei+kncBNdVpxUw4D1glJEqPTx4Y+r5u8QeKxFOJxdb4vZKV:QrS2H6ei5ncznW6TwKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\faf34c4d612776e66697f95d2dd0667286a518b51ccfe82ebc204cc5c7ee4a7a.exe
    "C:\Users\Admin\AppData\Local\Temp\faf34c4d612776e66697f95d2dd0667286a518b51ccfe82ebc204cc5c7ee4a7a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab5D8E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    4116886e5089b57f75c91450ab64053d

    SHA1

    647ca679a3eabae5f50b86fa1c53bb8683d78fbc

    SHA256

    f0bdd538d7905933170bd26da9197b2fd5c0c5be0d9cabf4fa4aebffc6558d7d

    SHA512

    81d6eecb87040206de28578446c60e801440d9796940c9bdab34433848e543153ac8367ca566259d62c0e11db689b15a7a8be9f93ce837cb8b7241a6fdd98c55

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    fdff824986340a04369bcd16595a322d

    SHA1

    cb970e33e437eda510684f4eac31eeb3b5da0c90

    SHA256

    df88fe80331d66a74f1fd07afabbff3051ce56455e0166767346431e1465b18b

    SHA512

    d4824b0523afe9693ae99b293a92f5dd99413689a56b3fd00084826a141162b8a906769504d57b46c15db98c3b33f1bc0e88f21099b6da4491cfeaf0c36f5d8c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb59B4.tmp
    Filesize

    140.7MB

    MD5

    74df450f02e1c60a38fae17aa49e9d77

    SHA1

    818cb32e9ece4d9d1e731ca5343bafe7e53a019d

    SHA256

    f2da60384781e35be35ab2c5c750d81e684caf7885bb9890df61c2b687a0d5e4

    SHA512

    01e72fbed0c3d86ad88e085ef9cf460176e08c891431ca413c7d6d0d29d2a10372b35eeb98167ce7ff25729c722fde0807ca0badefb3e004b1bceb4e24bd4e44

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb59B4.tmp
    Filesize

    140.7MB

    MD5

    74df450f02e1c60a38fae17aa49e9d77

    SHA1

    818cb32e9ece4d9d1e731ca5343bafe7e53a019d

    SHA256

    f2da60384781e35be35ab2c5c750d81e684caf7885bb9890df61c2b687a0d5e4

    SHA512

    01e72fbed0c3d86ad88e085ef9cf460176e08c891431ca413c7d6d0d29d2a10372b35eeb98167ce7ff25729c722fde0807ca0badefb3e004b1bceb4e24bd4e44

    Download Submit