Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

fb2bbd9f18...ac.exe

windows7-x64

8

fb2bbd9f18...ac.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    14/11/2023, 15:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fb2bbd9f185a7445d3ccf2adaa4efe3173f3802f2fa68493242d30e4434470ac.exe

  • Size

    4.8MB

  • MD5

    4c43614c281e5728cea43888cb944b6c

  • SHA1

    2df19e37edf0238a8094c536c23e0334baeb0743

  • SHA256

    fb2bbd9f185a7445d3ccf2adaa4efe3173f3802f2fa68493242d30e4434470ac

  • SHA512

    cc11b0ce279206e0aecba501777b77b7aa269be4ac3c92db5c369124aed9eba481335c741bacc69d218f90bca772f372c2d9eb0395989c53bb78d14a3d25b02f

  • SSDEEP

    98304:b5N7jf3yoK2ML1j6UvtsYOKdzOJDb4v+:LfE7HdwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fb2bbd9f185a7445d3ccf2adaa4efe3173f3802f2fa68493242d30e4434470ac.exe
    "C:\Users\Admin\AppData\Local\Temp\fb2bbd9f185a7445d3ccf2adaa4efe3173f3802f2fa68493242d30e4434470ac.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    b51b46ed526c6a131c9b67bb0e5e510b

    SHA1

    26edf4b352f5cf085c31a041df989a31e3996da2

    SHA256

    acaac0fef9c461cc5bc7b0b8112e3cb62bec59a5dcc246f25b06a8f98434e5d9

    SHA512

    08c8df7a572ab9efeccf928e494c06d0e5639fcc54c554b101eb286ae0ec4066cfb697d78641eb7fd82eccc5895987c10723c5cd0476f5a35036ee3629d045b4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    df0fd20f75669d237b3ba2fa86cd4c78

    SHA1

    41d6aa5e9704eac93689f9e52e7d57714b28ee0b

    SHA256

    7ec5e37c857ce4670133c12fd6eead9951a032fdfff3a6965528e19ccadb9ca0

    SHA512

    80be5d320e73b46f50faa727c6fb4871ac1f163ed41fd9f8642bcc6d1d2a381291446881420796394ad0351137105c340ea1235c40cea4a851bb89f6bcb0c984

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    53c27341ec229d439717ed442aa98e6b

    SHA1

    bfa720f3eb9a0bc9ce56b61a754cde5a446aed46

    SHA256

    edfa975679788c203456225574f49ba0f2ff2060e729429f666032c14aae2350

    SHA512

    c37c43340d766642de314d04f131884eafd676f99f1e364c11cdc2d0992d7735dea8a837b224c3b018bc0ede12b313840322ac941f630e75fe19d8fa8f9797c7

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A42.tmp
    Filesize

    147.5MB

    MD5

    927dcc23e45199efab4ff0452cf17746

    SHA1

    2e34dac89712432f8a1123119e9e2804efea3077

    SHA256

    bc379d36fc38ec4dd4f3f5bf6d8a53bbc7f81fb0615bdf34f3535f78038bda47

    SHA512

    79e13ed18be0ac2904cff59519b9dba6d85434f1119ef5df366bd66c5b80bde475201f9996b7302d922e29e68d5e3f6ad8c61f8b748d87ebfab14f47ef316de1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A42.tmp
    Filesize

    147.5MB

    MD5

    927dcc23e45199efab4ff0452cf17746

    SHA1

    2e34dac89712432f8a1123119e9e2804efea3077

    SHA256

    bc379d36fc38ec4dd4f3f5bf6d8a53bbc7f81fb0615bdf34f3535f78038bda47

    SHA512

    79e13ed18be0ac2904cff59519b9dba6d85434f1119ef5df366bd66c5b80bde475201f9996b7302d922e29e68d5e3f6ad8c61f8b748d87ebfab14f47ef316de1

    Download Submit