Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

d74833e5d2...9e.exe

windows7-x64

8

d74833e5d2...9e.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    22/11/2023, 15:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d74833e5d2a9f2d4486e4b0307a89930a0072a74211dc1666af06cb7ad0fdd9e.exe

  • Size

    4.7MB

  • MD5

    054e3dea1bb02388baecdd4e52883857

  • SHA1

    79a10aa8289eb641bcb156af575a815a28821fc0

  • SHA256

    d74833e5d2a9f2d4486e4b0307a89930a0072a74211dc1666af06cb7ad0fdd9e

  • SHA512

    49e3d4a254bf67140c0b254cb8180d8ce975ac48cc98d90c0ab3a34c4687ff67775580d6910e53a98c93bb992669fc19faaf05e451625f813844a45b6c65ee2c

  • SSDEEP

    49152:xb2XfWHdZ8BhE7K2dM3Jqfmc2jRAjY+r5u8QeKxFOJxdb4vZKVI:12XeHdZChmK2d7eRR+KdzOJDb4v+I

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d74833e5d2a9f2d4486e4b0307a89930a0072a74211dc1666af06cb7ad0fdd9e.exe
    "C:\Users\Admin\AppData\Local\Temp\d74833e5d2a9f2d4486e4b0307a89930a0072a74211dc1666af06cb7ad0fdd9e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    b5b7cba0230851c691b92c41ccf49bcd

    SHA1

    a030590446114629f525d73252d7aa2219f9dfde

    SHA256

    a17bf859c5ba3ed03fc3f4748d9a6f38ca46b00bcfd5518d8191eec1add577d8

    SHA512

    239be97295b9aa8c7caebae04d8db95e58fe58b9532df22faf19ddf0b4d48a87e7be6bea2a2912746bd47ffee9b3662d96ae4f39e696fa16394c873caf4b3691

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    ef8bc4671254935b80fd080c8a7311f1

    SHA1

    17d081087272d414da368fdf876844f1f73d4756

    SHA256

    6f2fe9af465813dc8bed394e887a35747063c23355122d823b1bda360969b4d2

    SHA512

    14472465fff895edc364f25be593664e81ef04c44600133a1982292650900bf3208cbc458c372313396269d25ab164c5d0f6f2c6e0d81a41096cefd56e1b8acf

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    90597f8110198574497bdd61ca0825e2

    SHA1

    c0b1650f023eac2ba8a6d30259cbee287a979c3d

    SHA256

    0aaf65070457c80cf3130823461044eea0588241f1900ddb0b589774c20719cd

    SHA512

    f6ffd6001b2ca00f1e3eb9ce70448d1933a04ace4778842e12653dba9d3168180cf9962c07417bc7face6cdfb6f8431caa3784fc8783d9da195a0ef0b6e61f49

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4894.tmp
    Filesize

    155.2MB

    MD5

    9a1480ecca891dc9dc2ae1d99ae244ad

    SHA1

    2dfaaa7604f4ddb416f17f5f7a82e69a7772b4d5

    SHA256

    f4bb2a7c5e8aaf350c9f035adaff91d6474a6076d8c3d19bfc83357a48a411a6

    SHA512

    5c24f8abc4c83df807a59444eb73ef6b3c6816bcff8cc976edec6d7373ab3bf22551c54e38cc4cdd095f559dc42f35e52803b3425b57e43c714801bc5d451d3b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4894.tmp
    Filesize

    155.2MB

    MD5

    9a1480ecca891dc9dc2ae1d99ae244ad

    SHA1

    2dfaaa7604f4ddb416f17f5f7a82e69a7772b4d5

    SHA256

    f4bb2a7c5e8aaf350c9f035adaff91d6474a6076d8c3d19bfc83357a48a411a6

    SHA512

    5c24f8abc4c83df807a59444eb73ef6b3c6816bcff8cc976edec6d7373ab3bf22551c54e38cc4cdd095f559dc42f35e52803b3425b57e43c714801bc5d451d3b

    Download Submit