Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

0b9afbb044...26.exe

windows7-x64

8

0b9afbb044...26.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2023, 16:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0b9afbb0440ff8936542e51139463481e9fd7b208cfd8fa371c4c7f5ca7f4726.exe

  • Size

    4.9MB

  • MD5

    e890d096a2a9148da1db19005e15e3b9

  • SHA1

    4ce51ac987972da8653d01dec5de81b39c81a2df

  • SHA256

    0b9afbb0440ff8936542e51139463481e9fd7b208cfd8fa371c4c7f5ca7f4726

  • SHA512

    70901305c925ccc2ffeeecc15fe5d6f3db65505463067fd81b72373f58ed1110917f23f6f378033be85bb1e55692b57f5e06616bd93c823c17fd830f08062106

  • SSDEEP

    98304:4hQI4CudV8s3MJ279sA40aBKdzOJDb4v+:7bM2p+nswN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0b9afbb0440ff8936542e51139463481e9fd7b208cfd8fa371c4c7f5ca7f4726.exe
    "C:\Users\Admin\AppData\Local\Temp\0b9afbb0440ff8936542e51139463481e9fd7b208cfd8fa371c4c7f5ca7f4726.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab3E2C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    354c793c4baa848e095c150e314ad805

    SHA1

    1c7c80d0e0c927becce7e6ae3090a51308e0ee35

    SHA256

    539e849ededab2c8e6ca1fc987fe1a38da0e5bd3b0647d86d970045ea11bf6a1

    SHA512

    d484e648bfb3a728cbcef62780a7a48143f97d7ca1eba266ae6d123873a77a42f59394763af9325e0310a44adbc63e2d84c9121aa52d33d7bd7861d34adf4b29

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    18dbc8b88503390d86dee45f3ff8acbc

    SHA1

    d89d437323e067d1434bab8d101848231b0bb707

    SHA256

    e9fa876b104e7839346e0f3d54773c8f674129e329386bf6b13e5570f386f748

    SHA512

    d63a5b51a6c9088d6f4d556efc004decdeb2c29a174ca822fa834c10decb6de942020fe825762dc182f6e70cc1c2ad84eb991e83b0273ffbcda5575f6d2440b5

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    fcce64907834103bc4bcde2442242da2

    SHA1

    c155c5df5d5f662b1484cad17ac7b0da8825d55f

    SHA256

    19bab6177b5f057fb6d26cf18d1366ebaf02f4fa477c355b94998fc257cb2d5f

    SHA512

    6b834e3220042c57250d15f960efa925781bd1af095dc333de0df62fc412a7e4504b95a054039780934c257c9327e28345a790a347fe44196504b9e07bc410dc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A90.tmp
    Filesize

    140.7MB

    MD5

    14df61f45b063918edb8df6ec4bba5ae

    SHA1

    81b92a03fe7654c3bea7803baeeeed43113b1b3c

    SHA256

    ab5ac3ee7f849163cab0140c12ad182ab445227bd715df9418e7a17821c860a3

    SHA512

    ec385f798f33968be8fb3466b7083e826d8a49db0cbc830a02549884e1b61e2fea4c869bf29fe1d0f3a164e8fe642790ecc1a6e1ac48bda9050e4026a99b1d08

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3A90.tmp
    Filesize

    140.7MB

    MD5

    14df61f45b063918edb8df6ec4bba5ae

    SHA1

    81b92a03fe7654c3bea7803baeeeed43113b1b3c

    SHA256

    ab5ac3ee7f849163cab0140c12ad182ab445227bd715df9418e7a17821c860a3

    SHA512

    ec385f798f33968be8fb3466b7083e826d8a49db0cbc830a02549884e1b61e2fea4c869bf29fe1d0f3a164e8fe642790ecc1a6e1ac48bda9050e4026a99b1d08

    Download Submit