Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

45a065853d...d5.exe

windows7-x64

8

45a065853d...d5.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    06/01/2024, 15:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    45a065853d0078f5a6653e43b46d015792f19e28fdadcd3b9dee4b98c9667ad5.exe

  • Size

    4.3MB

  • MD5

    30924b23d365ca3c9655aa4f8135c2cb

  • SHA1

    7ecd3ea2202b4d8d34cba657bf6c0fcc39574117

  • SHA256

    45a065853d0078f5a6653e43b46d015792f19e28fdadcd3b9dee4b98c9667ad5

  • SHA512

    36a19c2e8cb549a01fb95f3f9e4d8bdd97ec9e900a038cf4fff3704b16101cc19ebb0c18ba5c85f2f0c2e8918c81b3c541bece61ab0ba8e8e19726b5842e6b0b

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\45a065853d0078f5a6653e43b46d015792f19e28fdadcd3b9dee4b98c9667ad5.exe
    "C:\Users\Admin\AppData\Local\Temp\45a065853d0078f5a6653e43b46d015792f19e28fdadcd3b9dee4b98c9667ad5.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    780f338e95c155f29f075c0092b8798e

    SHA1

    bf1d7cbd51d097fd2ce41085559beae26cd1b0ea

    SHA256

    076363d101a251beecc0456df8c1d4ce7fa622ea637e8ed4a70d5e96a91e2ae6

    SHA512

    c1c1d3453f3042eb01218f030b1407e72a7296cd9b427d60acc846d615ce6b74d931e2f8dda592101c44f9386daa842b62bf5a068e1667a46c9dd5c78797dfc6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    d458fd842567f0b5c75606f1f186be50

    SHA1

    804fdd1977d2256c60e05b4f8a42d203bc43c726

    SHA256

    60781bd19b79df41ac1fb1dc5830f3203f059c51f7d7aad5bd925157f043f19d

    SHA512

    a1c6e7a66c398d1019df0ae6afb8c084166c6747fc54947a6bfdfc5557015a0ecf69b7aac5234b834bf5ada4fb2664d23e0733fae94905d71286cb7e40c2c990

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d7876788da50425fb57026dc71b06135

    SHA1

    11e64b5fff0baf9a1aa94e97331c91e4a18ca6a4

    SHA256

    81528cde25914ab2d3eb09e8bdab4a8c03cc440e2d93f600e3bf5d6d459390c6

    SHA512

    63d4a601aefe6c7edf1cb7795db189dd3f3f5a7527f071bd9926a670999a5bfcb30c6814afc00207f8983e6efe4dbe699ea30f8b957230ddf8847863937f7125

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb405A.tmp
    Filesize

    4.4MB

    MD5

    f7a0c28af5f489ea0ae1d2fec7fd6fe6

    SHA1

    6ff8073a7df6c636a7415b384ec968fa7ed10f11

    SHA256

    eeeda3113a1a552cda3376dfd015baa02061e3aa49c464304e56620bc1ba5724

    SHA512

    ccf911f4eb36e53435b5d4521a299773dca1288548e8749d078ad09f8bd9e352cf6fc7f1c1ce057a0803bc79b1ed7f1cd046590e876aa033859397b7c93f2739

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb405A.tmp
    Filesize

    5.0MB

    MD5

    839ea6224e88fe8e649763919e41d80d

    SHA1

    fde721d43eff6089b949e8b63aaf0035e7b3e811

    SHA256

    b2b4d6ec551af682100049157f8c1170ade9a5f9c494c90e048640370c71a74a

    SHA512

    437ffa57f0d115b6e7ad74900d4efae213cf381408f69e28e62b137a0759fa13eda234927b1dc4483f9c2067247bb9ffaa5e420e57b0a2043bb076e00401b74b

    Download Submit