Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8049971d8a...60.exe

windows7-x64

8

8049971d8a...60.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 15:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8049971d8a5eb53a2e776e341c210f60fc003fb03df1754fe33f39683e75d760.exe

  • Size

    4.3MB

  • MD5

    dbe96d9c56e7894ebafe3b5e66be2ee8

  • SHA1

    5879416cc72ebdc6743103eef1a0f5795c408bf7

  • SHA256

    8049971d8a5eb53a2e776e341c210f60fc003fb03df1754fe33f39683e75d760

  • SHA512

    5df3ae9ca51d406c68112c5a273f14566f75b1a51d37111aa19213fa9792360440117c0cedccbf2c582c58f788ca0224eb6dd703dd74ac5e397117dbf03b4a8f

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8049971d8a5eb53a2e776e341c210f60fc003fb03df1754fe33f39683e75d760.exe
    "C:\Users\Admin\AppData\Local\Temp\8049971d8a5eb53a2e776e341c210f60fc003fb03df1754fe33f39683e75d760.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    b12556ce92516b2d97045fbd9dfe5f31

    SHA1

    4cd2ae76d8a6a8f984d5012e1359eb27710f3447

    SHA256

    e08ea65f3de258f74b4fa803b02735a98622ecc234a7318a067500ea41a4247b

    SHA512

    9ccce8a1e06d1fd8324eff9cd783839f26f3a875cbfa759d0344bd0f80bf0f1865053c12cd0e8957c4cb6069083b99111a3997f084aad28f6ba84cb651f4545d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    8ea0bd495d32f1b2a45a06d151a726cf

    SHA1

    cc0570803a2836e376c594b72826854859af2ecc

    SHA256

    1adb3d30e1818ef36e29e715e27735aab1c23b8de246c0132db4e35a84c7673b

    SHA512

    3244da290e2f6f9a7cb434e8c99d44513ca0190daafedfd5a854806816307864db6d69f2a5564b80e141349ce3deac99368b9c4838c5819159d57e972316f8c9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb6C69.tmp
    Filesize

    3.1MB

    MD5

    3854f2025a4b29ae269e2a7b16cf93e5

    SHA1

    bff55290678af332982fc5d497fc884221b226b5

    SHA256

    e4b92f1faff10aed4a6254989e077662cc70bf0aee51ba3ecfdb2c69acae3eaf

    SHA512

    35c9364797e387dff5a1c1df40b49025086145ee449f6176a63deb5f4740197e9adcbff3d977aea4aaddd47989583c49d67e821294aafd0c944c2ed53e482c1c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb6C69.tmp
    Filesize

    3.2MB

    MD5

    4c6613aee7b325ac6fee8d6e846c90e4

    SHA1

    4cde1b99e6f53e755c268585eb9080e07323284a

    SHA256

    3247efc14b806cc2aafbbe60993d1dc125e36edd447084f5d02337b5248a0c4f

    SHA512

    c38c90ebd156f9ea09af79d3a1e9666466c36ce2ea8c31e454fcba7c2d3bdc59a98acd31292b4b090ed6ed5a9236e4bc0ef8b4afdeb37c05f4f6aa8671fd1788

    Download Submit