Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

e29371ada1...89.exe

windows7-x64

8

e29371ada1...89.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 12:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e29371ada1e75243c26a4c14c30b1ee574c492def3f1715bc663c1053f6a0589.exe

  • Size

    4.3MB

  • MD5

    ded4f5d3924cdd08638eb60500c3b8d6

  • SHA1

    e45c66554113a2adb937b7a90c7ff585164c51ba

  • SHA256

    e29371ada1e75243c26a4c14c30b1ee574c492def3f1715bc663c1053f6a0589

  • SHA512

    876525d29bbabb39bf60c5cf79fee13a58572ec592e3d8f675e233f75ca05554d51af4ac22cf051c7229b556da26950677c4e684fe11ed4c61681c1159f1c7f4

  • SSDEEP

    49152:8MLPIdiWU/o5LcUekfbj+whN5+r5u8QeKxFOJxdb4vZKVA:JLPIAN/nUeKbj+UmKdzOJDb4v+A

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e29371ada1e75243c26a4c14c30b1ee574c492def3f1715bc663c1053f6a0589.exe
    "C:\Users\Admin\AppData\Local\Temp\e29371ada1e75243c26a4c14c30b1ee574c492def3f1715bc663c1053f6a0589.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    7bde631daabe5ae785a0639cc7a64921

    SHA1

    4bff29127dac76aad38b031610744bb213d64215

    SHA256

    d658fe121d1b6152af8edeb1a95b020cac985adf0dba91fd5f96c30a74068011

    SHA512

    95cc44b2f8cb4c1cacb9ab00507d3f18306d350716891024d6399abf6602206166d3ebcbb3e9232450e20aad21ec5adcd5b4f08c5ff00ccacceff71f72ba8e44

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    6afe47259fcd3be50ee97a7fe0313230

    SHA1

    63414b60fc96188402cad1c1052e6a2163984afa

    SHA256

    d449105440c3d654eba04dbc2119e5f2f54cd2e1356d7782388a54905ad4a84f

    SHA512

    f7df27e3451aeb7efbded96dfb4ae7a4784c279e3b8ff7d3e693cd87693cf4ade999db58fc22f67f82e72db4152a5e0b9c7ead48d1f037b67fb6b2d5e8ea0a7d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb51D8.tmp
    Filesize

    6.5MB

    MD5

    e74b5138b4f2f2c4d5476d8729f081ad

    SHA1

    8c471b04767e5104a0a72bb79d64e933da9ea969

    SHA256

    46fe016aae921636f0d08b4e38a8a0178a8f04fea5551d00fda4b3177b148b8d

    SHA512

    ccdd63821e8bf01a86552c464e6713bb1bcc12b6547982939ba913d53a6e86c2bcdddd8e3bbc1afa8bd73048a42d3a1784e4f9b9cb21806f1185edeb62232a50

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb51D8.tmp
    Filesize

    5.9MB

    MD5

    102040b140f5c4aa6e648e9f1d4ff005

    SHA1

    46d9823e88a674706bb21ac7062ea2f447074618

    SHA256

    f7900dccdf62e18236795b357c766f2c345dbc31c878242fcbd5c1340f413c0d

    SHA512

    b80b05de2814334c5d500d952656a4952cd91deef343fbced5f33c754f9fcb2968220a9260edeb3dd2d10c1c1d8d3d7129646873891be9d610d3f2794e79d6e2

    Download Submit