Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

393157b838...0e.exe

windows7-x64

8

393157b838...0e.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2023, 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    393157b838cddb2366850df41f00a2fd3b5240541fd1d1ce41d7abbfbe2a980e.exe

  • Size

    4.9MB

  • MD5

    0b2386e206b20ae14f1eee8594522937

  • SHA1

    6dd1221f9f59c46e2e3b8de983405c59d09c1a81

  • SHA256

    393157b838cddb2366850df41f00a2fd3b5240541fd1d1ce41d7abbfbe2a980e

  • SHA512

    d8d8f46bfd05b629cf3795199bf360597f04427109f895a2e10e312ac53759f56b7e7b701209d035b1239e42293797ad2c4f33240ef1fff3889c3f88c93e5910

  • SSDEEP

    98304:4hQI4CudV8s3MJ279sA40aBKdzOJDb4v+:7bM2p+nswN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\393157b838cddb2366850df41f00a2fd3b5240541fd1d1ce41d7abbfbe2a980e.exe
    "C:\Users\Admin\AppData\Local\Temp\393157b838cddb2366850df41f00a2fd3b5240541fd1d1ce41d7abbfbe2a980e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    d0196274f82ef49b319c91577b97d927

    SHA1

    93752de42687517fcafdc75c5b972976c6394776

    SHA256

    69fb8db8dbfa835b13bc0d2b31a1c7a60f301f45e3d0db3c65f9ea90c8c4aeb8

    SHA512

    db2f68542889667bc75eb4e4960134c092df4ce73bfed72850a3fc98b901ab49410879507039e59ca56430b0452d90cb0ebd925326c4eb3edaa1e1182a8a834b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    1b186dce62f450aa11a472c43205c572

    SHA1

    dff2c8eef0b156946edc637a0c1ff4395e04c277

    SHA256

    97c6973e04b1b11e2e0a3e83f5847b0a03c3d02eaaf281b26139d3fe276bfa6e

    SHA512

    04e2be8074a2dae737c9c978cc75b5024cd935423a3b1b4fedb61ef5825d172b580113b37b2f98bf1206f3f113e4fcf16b529600841677e29da52dd4a75da0c8

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    19482e27fd4ae2d1dd7572be591f3113

    SHA1

    04bdecfe52b5e11f661de7a3da55a633d97bd1ca

    SHA256

    fdde9812cb2743b8a45ef5a3ab364a7c5dea6b4c66bdd4c2d1ce377540bc5535

    SHA512

    702e140ac53ab0e39fab7ab170636ed862f4bc6c77e92aad8eec08a6079da350a40031b1e90ea2d9bef49c4aa29e7cfa3c40fd7adcf64505d5c7f8d45d21723b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3340.tmp
    Filesize

    140.7MB

    MD5

    14df61f45b063918edb8df6ec4bba5ae

    SHA1

    81b92a03fe7654c3bea7803baeeeed43113b1b3c

    SHA256

    ab5ac3ee7f849163cab0140c12ad182ab445227bd715df9418e7a17821c860a3

    SHA512

    ec385f798f33968be8fb3466b7083e826d8a49db0cbc830a02549884e1b61e2fea4c869bf29fe1d0f3a164e8fe642790ecc1a6e1ac48bda9050e4026a99b1d08

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3340.tmp
    Filesize

    140.7MB

    MD5

    14df61f45b063918edb8df6ec4bba5ae

    SHA1

    81b92a03fe7654c3bea7803baeeeed43113b1b3c

    SHA256

    ab5ac3ee7f849163cab0140c12ad182ab445227bd715df9418e7a17821c860a3

    SHA512

    ec385f798f33968be8fb3466b7083e826d8a49db0cbc830a02549884e1b61e2fea4c869bf29fe1d0f3a164e8fe642790ecc1a6e1ac48bda9050e4026a99b1d08

    Download Submit