Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

7c8ac4c583...38.exe

windows7-x64

8

7c8ac4c583...38.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 12:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7c8ac4c5838f2bce9dd6f744aad2651731110f2a0b217afde954fb105f1a3738.exe

  • Size

    4.3MB

  • MD5

    3e6bd11a6b276d8a6cbf0cbed889db69

  • SHA1

    104e4fd01c3fa4d05304618c81c5a3bac6e96870

  • SHA256

    7c8ac4c5838f2bce9dd6f744aad2651731110f2a0b217afde954fb105f1a3738

  • SHA512

    0349723de7228aa3b49b1dc7ab9714062e9441e1b9869936fe41fc5c5d72b9fc37f5ed02aaa7da9b46440b73c3ffffc928a316d30ac4b19209e1dff86d949475

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7c8ac4c5838f2bce9dd6f744aad2651731110f2a0b217afde954fb105f1a3738.exe
    "C:\Users\Admin\AppData\Local\Temp\7c8ac4c5838f2bce9dd6f744aad2651731110f2a0b217afde954fb105f1a3738.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2332

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    a0135c4f4c5cd74a5e05cf285277bd80

    SHA1

    ea8a25c3334c0cd27f5690b371be61605f61f193

    SHA256

    0bb8f36d3e297f996a5c26a0bd13b6d8c3550a46f4170aaa02ca3a9695c6ab20

    SHA512

    3df83c48dd5648f56824e995f1ed14cab16743ac2c1349e4c996bcb29a4f24fb98af6bee2ca2b66f803d76aa682211af8052abf0ec5b7c25e1bfde1042daba12

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    07048112318027474cc71cbd0a1a224b

    SHA1

    a130816a160c3087d3fda3fb4bbdf6709337e4e2

    SHA256

    b6c14985aec7cda156f9ece56e051111df8b3d4303d5bb08880482c58c618cbd

    SHA512

    3775e689738faeff29f0643c05bdd24ce0c3e8ebf966f733fba088c38b26b82139c88c51b6f2052df6d2670242e4c11a03e14a5791e00d8b3d131a4188a83d68

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb120A.tmp
    Filesize

    386KB

    MD5

    a963c1a4602f7c03efa15e54028ff7e6

    SHA1

    8b620db4e3ac7fa20acd5fdb75aa146cadec1041

    SHA256

    2a97cc02d667ade56786d90f5e50f6dd26a5447a732523766eefb37e3deeedf9

    SHA512

    707abb487dd702242143f8d16f72d97267095f04a3ab33c0c33f3565c578809a0260b59f94a576fc3cff7196844248a29b1d764dab28ae499d7c232d4b8eeed3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb120A.tmp
    Filesize

    894KB

    MD5

    4e980b6ce79962208697befa387bd3d8

    SHA1

    64ca143ae8158c17d1794ade06073533894b9cc2

    SHA256

    c6515ed74579502fe9126074568faeff73092fd6360c880ef7a756431248e33c

    SHA512

    4fbbc5c6fa42f9a5824fb1e1c2ec003771279637ffd854e36139b06ea7bbda029ec32f270ad49492b13d75b5b0e059cf79902b65f7d4c0274f20a9bcd3f2ae7c

    Download Submit