Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

e2d75e8f42...6a.exe

windows7-x64

8

e2d75e8f42...6a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2023, 20:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e2d75e8f42bcf395c04329218b89ce8e4f7932a78a652ec10840cd5e57a3d56a.exe

  • Size

    5.1MB

  • MD5

    e1dc0c2cf3d931b31bf1c8adf5ccd1b8

  • SHA1

    ba57a921d6911916a38156420367ee8d490d67a1

  • SHA256

    e2d75e8f42bcf395c04329218b89ce8e4f7932a78a652ec10840cd5e57a3d56a

  • SHA512

    da4e5c501b24b840b65a32338429a1ffe389194f47bdaa7ec60f1d1afc814f0f9201811ba3ec489b9f098adf584eb6005c3b14bb716fc707d3f0a617514acda0

  • SSDEEP

    98304:Tu6wCUb2ZLddnXEJiDEWo5KG0uaQ5bzOJDb4v+h:TG2d65ZHTGN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e2d75e8f42bcf395c04329218b89ce8e4f7932a78a652ec10840cd5e57a3d56a.exe
    "C:\Users\Admin\AppData\Local\Temp\e2d75e8f42bcf395c04329218b89ce8e4f7932a78a652ec10840cd5e57a3d56a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    4e597e2643ddd22f4734f188709b857d

    SHA1

    ab40c4ccb308f19c023cba2b0bc004a65ef8ee75

    SHA256

    41c0ae01fb82d4be78670faa33654b289598085f72c3d1ff23ddf4596e055a80

    SHA512

    9d5f138b2cc19d5d478aef95bd898d424c4ba2efb03e33cdda9359fed7d6395952ba24918c73c3906b5b431a57752d5df323c1ec7f4ce9dff5e78fab5c3d2bc8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    e6d5a91403578fffbc17fa6f8f93d93d

    SHA1

    ad62746922cf735bd1deea1fb0035828b90189dc

    SHA256

    45da8cdd987e8cfd8d14e8ea014ee60ce78488bbc863c6704e30002dac210c91

    SHA512

    74fba1881c39756a5ae92fa52459edbbd2f0f0bf473c0b16800f67203bdc622d701b10843e2cf9e651387ee079a3ac2edc59cb7a8870209ae1fdcd6d582e1fff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    58473450667f2b8839c57cb384d228e6

    SHA1

    4faaca14910bf91ac58650225b513df336b10704

    SHA256

    b8164722274921f0508b4173c5a21d628b00412352d1f5c51401a9938bfdd3b7

    SHA512

    af44f7854ee8530afac5692de8ad9cd7fe796082c666cc9b8d9baf4bd6a17c5ec4b9160f031507322aa6bbea1a892d760cd4e343cb0a51716c0248a4f328bc69

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    6cdff30a3c51db36289b11d4f96f6d6d

    SHA1

    b9e746b074c6d272b3a0a0197e38e4b08fa3d9a6

    SHA256

    cfba75be1ed0a91bed63ff1aee3ff12fab9c03ef1d8dc48db2f4cc929dfdc156

    SHA512

    ec7c1f031906dd4152a92cff0e39fe3d137115ad6f52c949984109e2831b650f301b09c0be321db99ab1e2164cd415ff5bd988aec17de18b9e5fbe3092d7bc90

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb53DA.tmp
    Filesize

    122.1MB

    MD5

    e8ced8919c419800aaa426ce1b5409fb

    SHA1

    7350795a431c409129c2bbf3b5087cd0260a9e5a

    SHA256

    be9725053dbb7b5f3f8a765970dbce71023239efd00a07c42d35a5a1b849b759

    SHA512

    d7f140dfdfbdaad810f35327b309b171678a60b0efac5ec48bcc5e84eac13b922bfdfa6131829b7c64591e6e99fcf475a2ef2f5c313bea63278464c8c56b19ea

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb53DA.tmp
    Filesize

    122.1MB

    MD5

    e8ced8919c419800aaa426ce1b5409fb

    SHA1

    7350795a431c409129c2bbf3b5087cd0260a9e5a

    SHA256

    be9725053dbb7b5f3f8a765970dbce71023239efd00a07c42d35a5a1b849b759

    SHA512

    d7f140dfdfbdaad810f35327b309b171678a60b0efac5ec48bcc5e84eac13b922bfdfa6131829b7c64591e6e99fcf475a2ef2f5c313bea63278464c8c56b19ea

    Download Submit