Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

e5901ba8f5...79.exe

windows7-x64

8

e5901ba8f5...79.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    19/11/2023, 20:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e5901ba8f566877e472f9e501f6ea3648ee9be5b8785d0812a2b086f56de3379.exe

  • Size

    4.1MB

  • MD5

    d332cc42688dc7dd71ded9b246c45e66

  • SHA1

    d83359eb12ca71ef94beb43c30456161b3e6c1f5

  • SHA256

    e5901ba8f566877e472f9e501f6ea3648ee9be5b8785d0812a2b086f56de3379

  • SHA512

    ac3e19b59a23502b1d589ba2922db62b1ad1fac180da432530699fe5057149fdd2d2c5b3c64977a88bba0fae91d25a8c53e24c980de26542c220cb7d1ca571c9

  • SSDEEP

    49152:Bb2XfWHdZ8BhE7K2dE+97Y+r5u8QeKxFOJxdb4vZKVs:F2XeHdZChmK2dTKdzOJDb4v+s

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e5901ba8f566877e472f9e501f6ea3648ee9be5b8785d0812a2b086f56de3379.exe
    "C:\Users\Admin\AppData\Local\Temp\e5901ba8f566877e472f9e501f6ea3648ee9be5b8785d0812a2b086f56de3379.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    67dc9ff10d25002fe14de413cad8c691

    SHA1

    23c43988831c45103877193a87b91e033793539e

    SHA256

    86515487574a0da0ab26addef6a4ea5432cbae7fab2141e802692ca27c13e36e

    SHA512

    35ad82fce2bcd1291bd32337163c2b821abeb8505f0573e4a5c2282212431a6c6c2a5e3c02f7ac1af1e4af355a04ca0bc5ebd710a1d893784ba10228ecfdceed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    38340a74e44af63df0d091ad1399c300

    SHA1

    6fecf93d097cdc034eb820d4ce9bf4a5c6c88ae6

    SHA256

    b71bee975fdbeae8a632fa22d1f43dcd405efbc1ae30c45b4ca169948f33f2b2

    SHA512

    0029147004d71232ca5189826390ef4cc0d0593af4d66af97ac17a816312a7bfbbe8112790dd3588ee5b6bce091f6241c2e8f83cc4cde1020aae6f970a6c00cc

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    f07b45535803d469aeec53e7ebbcae69

    SHA1

    38e0f171ef249bdff5ad0ff5833a9c329d480a4d

    SHA256

    79a53a9423aa4eae5110759be07fd48c1f65ccfebf6da8e851e1ca1aa41926f2

    SHA512

    0641eaf81636c2328a8c4fb535baf300346a1990104fee23893b32dc918d9f264c233290ee94b95c845b2da11ed4590e67d418772d664e415eaf844d9d651aa2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5467.tmp
    Filesize

    155.2MB

    MD5

    bff5e7499c471625725a2e6c81949d39

    SHA1

    c4f57b4c59e1c3353936fbb7403335aee65d8451

    SHA256

    a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

    SHA512

    09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5467.tmp
    Filesize

    155.2MB

    MD5

    bff5e7499c471625725a2e6c81949d39

    SHA1

    c4f57b4c59e1c3353936fbb7403335aee65d8451

    SHA256

    a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

    SHA512

    09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

    Download Submit