Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

cbe0696505...42.exe

windows7-x64

8

cbe0696505...42.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2023, 02:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cbe0696505aa6bc05bda466c99e034961f0657fb24c84c9675523c20d2210842.exe

  • Size

    4.1MB

  • MD5

    c411743afe0aec18ccbf9a63b0152620

  • SHA1

    f219f2f421e5ecb5a117535d9448f1aa17275a27

  • SHA256

    cbe0696505aa6bc05bda466c99e034961f0657fb24c84c9675523c20d2210842

  • SHA512

    e379fa5a21304c088ee4f60fc87d0d5efb51a2e0dccaf8ec646182961c474356f433c70df976fad9d583f2a348f7bcc871740ff7cd17788bf0cd756b270382e7

  • SSDEEP

    49152:JFu0DxJ7eN9Fd8iz2prAbjf+Bh35+r5u8QeKxFOJxdb4vZKV:fDxJifFR2pEbjfNKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cbe0696505aa6bc05bda466c99e034961f0657fb24c84c9675523c20d2210842.exe
    "C:\Users\Admin\AppData\Local\Temp\cbe0696505aa6bc05bda466c99e034961f0657fb24c84c9675523c20d2210842.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    761fe2d935d9614f947fc70696c5f9b2

    SHA1

    60d41a37c66b294a0e407bf337e84213e80fb2c7

    SHA256

    512104490aae2edf947b43ae7f62b8697cd779753b71f618f7fe90ce9ec32fea

    SHA512

    90ceaf35940e0d7de3d27d3dbb625092d63043ed071ab8078cc0eed9c9c2e35db92f94a2718621f766143fa23b1b475bd9500401e6f2b99cde205852aaada24f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    4f1b61c78dcba6cb5e7681f272d51e73

    SHA1

    b9251acc55704399f7a7565e84d1d77977226416

    SHA256

    0f15c5b0459910efd9e3720b31611da7bb84bc2c466966f82428be00482e42b1

    SHA512

    b35aa4a5de7dfb1113b43b6b6ded8de4ad0a01531d8d4ded84b4a455b5bb6f929065b67e7056d3b5bcc4fdae36e816a3a24725021f709a153f11d112ab9bf47c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb388E.tmp
    Filesize

    143.3MB

    MD5

    4d774fdc773c577517eb9c82ee0e824e

    SHA1

    d69787bfa964fb095b45eb090be7a0d1cb103a39

    SHA256

    1cf5a864c92b951981333bb67c0fdb200690baabfefd10579b0da3a0a60a7571

    SHA512

    78d3be8b0499e610b056f1f3ca6853aada622426781239a1a47a348cb26a3f895ba75e986378d1f795cf2083247570e374fcd36bd2a5f9a220866b51e81afee6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb388E.tmp
    Filesize

    143.3MB

    MD5

    4d774fdc773c577517eb9c82ee0e824e

    SHA1

    d69787bfa964fb095b45eb090be7a0d1cb103a39

    SHA256

    1cf5a864c92b951981333bb67c0fdb200690baabfefd10579b0da3a0a60a7571

    SHA512

    78d3be8b0499e610b056f1f3ca6853aada622426781239a1a47a348cb26a3f895ba75e986378d1f795cf2083247570e374fcd36bd2a5f9a220866b51e81afee6

    Download Submit