Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

c5e35e81ce...78.exe

windows7-x64

8

c5e35e81ce...78.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 16:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c5e35e81ce49676b44ff252810f61857e811b0036c1b4eb27a24bda0d67df278.exe

  • Size

    4.8MB

  • MD5

    eb75ee59c4f2682784f985e514c0e2b0

  • SHA1

    12b1643d9006ce8300dce360d2a86a6b4400fa3a

  • SHA256

    c5e35e81ce49676b44ff252810f61857e811b0036c1b4eb27a24bda0d67df278

  • SHA512

    88e27a06f2f363433c70a27afd8ca3016c6c39e3b334958d69dd270314df57b573f3d55f603208e124de1850512e8cb9327c0270cdbc1f43d1c99f6490f4ebbf

  • SSDEEP

    98304:ugu9llk/yHwNf3n48yk1aaKdzOJDb4v+uY:sllzBZwN0v+uY

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c5e35e81ce49676b44ff252810f61857e811b0036c1b4eb27a24bda0d67df278.exe
    "C:\Users\Admin\AppData\Local\Temp\c5e35e81ce49676b44ff252810f61857e811b0036c1b4eb27a24bda0d67df278.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    0951427f2ac17f0885b10993341cfe39

    SHA1

    7c0a9d1c54bf91a8cc00d66e50450403af240118

    SHA256

    4f922aadcfa6f8167e6645816176e3bda43f69e5afefa580603e7a6d2b14327a

    SHA512

    a3146b9e538539b8be4a9c4dd975b62283db26e7f79ff0d0b6a7007e828825a286b006f14fd1095bf26037f4b6ae7d4ad4ba37a9ce69b2d63b1cd8bb678a0f40

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    26106b9970afcd343db5a43c1e9b3202

    SHA1

    05ce4af14b18a6be3d060193a9d8475bec81aaba

    SHA256

    068d17781ea724b0aaabb7d5c88fe0a5585bb956683254ca917acb479eb723b2

    SHA512

    f38daf6b11bf405b18437232f65a9944c4bc9ee0d928c7c61278480731befada6e20e59ac6ec7b811270cbdf92b579f0851136c2e4c81bfa43b812ef49f0e5f6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb1390.tmp
    Filesize

    1.7MB

    MD5

    43cdb39ec87e22ad3b37d6b57c0104ad

    SHA1

    766c2481f0aa47ba0fd4ff5aadfa0667d266e2d1

    SHA256

    1dad74e020441eb5870bd0d5d3a2253a47e3aedae1a38e5e808945fe710996c6

    SHA512

    db6a63ad8899211a43dee7bc2fc7000eedf72df162961fae83e7158e4c9267ec34fd6ab0b488342d5db76f4945ec4bb42160f13cbbde32283ab59fa8265f8944

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb1390.tmp
    Filesize

    2.0MB

    MD5

    7385e073e421f92041d2bab54f50029e

    SHA1

    af2f10799513a973aceb353ac2a1d3f660fd88dc

    SHA256

    86bf4ba0b953d441619cda42779388c00095fdc8da94012f2a4e7364609fce9f

    SHA512

    d6ea7a7d42dd3186fef1468f32e6e3121328e09c973592c85d13b5f303a8eb1a27b7a0ded6d0de004389b597894659aa42c4ece37083818e7a43e606da8757b0

    Download Submit