Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

aaf06eabb3...3f.exe

windows7-x64

8

aaf06eabb3...3f.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    72s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aaf06eabb3d2b6f7cd22f4b3d019626f5e4f9245f9cc863d26f4d78020cbf23f.exe

  • Size

    10.8MB

  • MD5

    276c4b740bcc89f4d7344bc25d33d525

  • SHA1

    a16501c848f94796aba3677a862fbb90a138e2a0

  • SHA256

    aaf06eabb3d2b6f7cd22f4b3d019626f5e4f9245f9cc863d26f4d78020cbf23f

  • SHA512

    afb499e47dfbb98f5ff4888b8c3766b0404b6336028f042ad883ab2ba842ffc20245f13dfb4b9f6f7db015515396a4988e2fdc896323d02f568f94ca9dedd8ad

  • SSDEEP

    196608:hHWWK8lSSJ7PbDdh0HtQba8z1sjzkAilU4I4:hHWXU5J7PbDjOQba8psjzyz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aaf06eabb3d2b6f7cd22f4b3d019626f5e4f9245f9cc863d26f4d78020cbf23f.exe
    "C:\Users\Admin\AppData\Local\Temp\aaf06eabb3d2b6f7cd22f4b3d019626f5e4f9245f9cc863d26f4d78020cbf23f.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    8KB

    MD5

    49cddbf27da770cdc597abcc3f0ea98d

    SHA1

    48e304917f1e5029b0ad407c1ebd5c9849251add

    SHA256

    dc0fe7e6c1c5f468c0a4f7380e5288f58decc9f0cbb2abb46d8e039faefb746d

    SHA512

    2b4c4f6873cdeb400393b63d5e1ddbe9e5bc045e71f61a5d4f1d91cc917978f9e40a1b1eb3760587956ba1e713c287153299cb5266ce609681b86c9528ebd716

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    631e367e22cb7b837fed67e92c97828d

    SHA1

    72ca204dd3184e94c54d8a840ef44c6626bc88e7

    SHA256

    7701830eb30241cd8b3de6a166080b4ba8f65e5ed70e06d92f08128258543326

    SHA512

    c1b5174ae9ef27e720695745255df956087c19bf1a048d9df8992de26e47f77f6145ea80fac9f452351f8673c0b24f70b559acf64999c45c6318b628a5499fd0

    Download Submit