Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

6a6bea9b57...d3.exe

windows7-x64

8

6a6bea9b57...d3.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    140s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/08/2024, 11:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6a6bea9b572c00ea1e06435f0029ec6f08a89bb29283a59c119d91b5ac62a1d3.exe

  • Size

    10.4MB

  • MD5

    93b28a8083b9e990eb5bad1e09565dde

  • SHA1

    370e73e6cd8435c51e5b17eac62812ae335d691f

  • SHA256

    6a6bea9b572c00ea1e06435f0029ec6f08a89bb29283a59c119d91b5ac62a1d3

  • SHA512

    e4ea1c74dd5060d91ad9df5943206e39880aa09b52b31aa6c185a14b4d8ff1eab556a0b7dad6dfd0da6172fec12a30bc084593ccd7c08efce4742baa2a147ab0

  • SSDEEP

    196608:t7+K5IjSSJ7PbDdh0HtQba8z1sjzkAilU4I4:t7+rj5J7PbDjOQba8psjzyz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6a6bea9b572c00ea1e06435f0029ec6f08a89bb29283a59c119d91b5ac62a1d3.exe
    "C:\Users\Admin\AppData\Local\Temp\6a6bea9b572c00ea1e06435f0029ec6f08a89bb29283a59c119d91b5ac62a1d3.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4104

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    0f651ea56eb87fd56cc92407e6967a83

    SHA1

    b1520d5d1ffa460c4f45c573f983cae59bf0dd05

    SHA256

    cc1963c4fa9fad7a2d196dc7f5ee16310de1e868fdaffe9be8a783822bf3b201

    SHA512

    b491b0d7830ba68d447e98792e6ab7e4053f2d2bd375c5c6ad9820ac9c344cf69338d41ff1493b2c81afb2b443c10301a3a89a01365c4dc054a58248044927de

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    b9be8f014a8c8111204cb4a3453e235f

    SHA1

    0192041e7bd2b68f0f044f83415486c209a86c95

    SHA256

    6d6bbdaab0b41b5812214a48c6cb042804dcd63fcededf7662bbf4c7ca81c328

    SHA512

    7b88666e444b18c31f3f5f90f1a87e0766f3d83a2ba065355d704b02e07f01bf13b089e9bd3993adae0a227d9b1b1dd487d2c075e3f8f5b45e03ae8df58c16f0

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    eb975b1c2ec52154a325e41fd1a882ad

    SHA1

    8ffa7ac4615b24becd5fe144aaad8bc8e5498f9f

    SHA256

    b42cc792039496d269c6c7124e4ee58f84617a1b11a4ac75a2daaa107b1c17a5

    SHA512

    687c24d1de3030c20544627c16a3e93126b2b8955224fea7339a6b4a5d92a3725bbc5f609185729a022b8088bde8b995430b8b512c943d831cae279790c20a18

    Download Submit