Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

176489f7ed...6b.exe

windows7-x64

8

176489f7ed...6b.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    17/11/2023, 04:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    176489f7edd99da79f8853849e2070929b49dde09d8b2608302021575c5be26b.exe

  • Size

    4.7MB

  • MD5

    1ed53730e8498ab010a31e81d7692777

  • SHA1

    ce8ebc34a9f7baeb80d7989d0109d6aa851e178f

  • SHA256

    176489f7edd99da79f8853849e2070929b49dde09d8b2608302021575c5be26b

  • SHA512

    30ef9f63b025b97a36496b6059d848836459761efa952092020a4515ffb1263a3f94e322ae6b293152aac859e353c14ad14982cfe3b3c1d25837ba4f580c6fe2

  • SSDEEP

    98304:y2XeHdZChmK2dkvDzF2CLcKdzOJDb4v+f:edZybPLwN0v+f

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\176489f7edd99da79f8853849e2070929b49dde09d8b2608302021575c5be26b.exe
    "C:\Users\Admin\AppData\Local\Temp\176489f7edd99da79f8853849e2070929b49dde09d8b2608302021575c5be26b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    ef94786c500bb294785e26c379d9dd62

    SHA1

    d7e8ee1f3cfc6ed05f88d91d55139dbca0d67da6

    SHA256

    1096dc131a70f28b5d22a88aa6b3580650d33304c16412347108294964554acd

    SHA512

    38c13c4731de87f153cfd16988e9358bb166e03815054698c84b274537ac069c9856923da8f41e9e8630b07b0759ab1b25d9314f1c4184d7f5c08ae11377c6f2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    ea7f8e2d94e6ba310630a7c1b41b08f2

    SHA1

    81229d9bfa33ec2eb1db15729c87d63ae72f7d48

    SHA256

    310e20747de232d2f1572e489452cb3c49265a4e7fa4b625d3575b609f2329c3

    SHA512

    f36a8a3fa6468c8c85761504bd2755843a0552949276ac6d02ac43a54299382e0108d24d3f52133df17377893f22e51e0659567f9af37d4bbb998cc76383f18c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7CDD.tmp
    Filesize

    146.2MB

    MD5

    06414b7efabecbf8425122e533dd92af

    SHA1

    a55f55007c8836a67b3ad998b01b9611241233d0

    SHA256

    d6d7cd9c756f76b51e6f1eaac3a566e37d05d91370f8c0978a381dd3ecee820c

    SHA512

    1f4ae28121d7294a2b504a0e8166a0f0a56caacad51de47d0c54e2fb71a082c2c35a43161f90579307d17e6b0431a7268717ccbc2fcfe9c9c6d7bd793b2f70a8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7CDD.tmp
    Filesize

    146.2MB

    MD5

    06414b7efabecbf8425122e533dd92af

    SHA1

    a55f55007c8836a67b3ad998b01b9611241233d0

    SHA256

    d6d7cd9c756f76b51e6f1eaac3a566e37d05d91370f8c0978a381dd3ecee820c

    SHA512

    1f4ae28121d7294a2b504a0e8166a0f0a56caacad51de47d0c54e2fb71a082c2c35a43161f90579307d17e6b0431a7268717ccbc2fcfe9c9c6d7bd793b2f70a8

    Download Submit