Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

d905c1eb64...8e.exe

windows7-x64

8

d905c1eb64...8e.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    12/11/2023, 14:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d905c1eb640c4d097719fb5f1dbdfae89ee9478ca870c0f4f32d07c3853c828e.exe

  • Size

    4.0MB

  • MD5

    05dee0988737109c005f5d7e1d253a34

  • SHA1

    de301e53f125a3e5089dacdf1c486476fce96c5d

  • SHA256

    d905c1eb640c4d097719fb5f1dbdfae89ee9478ca870c0f4f32d07c3853c828e

  • SHA512

    5d81bca2a270ca1262be7425ccb992db5b73cd7fab7de5be735169b6abb614ee21664fac7c8c04337175472ae6e74c28d51ea1ba3af5c9ed1ab56124f0383268

  • SSDEEP

    49152:eub3nCuhEBygPHQK2FWu5wQY+r5u8QeKxFOJxdb4vZKVZ:Nb3CuhEcgYK2FHKdzOJDb4v+Z

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d905c1eb640c4d097719fb5f1dbdfae89ee9478ca870c0f4f32d07c3853c828e.exe
    "C:\Users\Admin\AppData\Local\Temp\d905c1eb640c4d097719fb5f1dbdfae89ee9478ca870c0f4f32d07c3853c828e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab67CB.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    1c2fdf3367dd2c1877f834c50a1f7407

    SHA1

    e09b730d666fb39364a279ae5521299725ed1a34

    SHA256

    ba494892cda5e083d956e3ce915b75ecd42fe4f025a10bdf94e856dc94bd6520

    SHA512

    5329287ae48630f72dbd6616df8a91d92f01debc113c58eaa6a7c0cb7694789aa06a959ed2465459df54c61e9f52db0cfaa05b1d57fff9c0bf50d0e97e1638e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    15a1bc025f4c5e2fb9a18de2c9269bd1

    SHA1

    8765d34a8fedfedac7b8c47d0791f8fd54e7c4f6

    SHA256

    3ca3e13aef9d5a794b51089c1600701ef88bb4f8f915fd1be7e490816262a8af

    SHA512

    de27eb5dcc96b49ee8ca935a33c773b9c52f01a83bcd96d071968c3375d7fc6b093d1d41137f0e5fcbb5fa1e1939b9a5383ab92f9ac6930f6903de3f47d8a396

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    655cc8d19fb5a8d454d6ad02562863d6

    SHA1

    ebf4f972b9d77f50c4ee2cf73d351cd02a05b900

    SHA256

    3f1c68dff85f33e381909255f22aca635329bd3754b4ee15fe9fff334315efb5

    SHA512

    15e69a61d15331636362f502fa4b739c4dd6b618eb7ef22293b683773aa8313db4f535b60ece19f36f66445c70b511710386075e6a839f83c2ef312b8b8a70fe

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb624C.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb624C.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit