Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

761d0b0de6...0a.exe

windows7-x64

8

761d0b0de6...0a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    146s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/08/2024, 23:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    761d0b0de6ee13b964374e6105ff17c43db3825ad231dc07070888ad7472a70a.exe

  • Size

    10.8MB

  • MD5

    0f4004f05fbcf1b14330cef7cd328d80

  • SHA1

    0fd2ee30eb3b33b6cac1ebb16be11b9d9fc6327b

  • SHA256

    761d0b0de6ee13b964374e6105ff17c43db3825ad231dc07070888ad7472a70a

  • SHA512

    cc95e9393185d5d95236f9a80a65725fc4bdb6625a08e7569a8890664723c9b36f1034be21ddb149e5b77c08bc2044b9ede3401a79dad394b012584ecf3ab79a

  • SSDEEP

    196608:hHWWK8lSSJ7PbDdh0HtQba8z1sjzkAilU4I4:hHWXU5J7PbDjOQba8psjzyz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\761d0b0de6ee13b964374e6105ff17c43db3825ad231dc07070888ad7472a70a.exe
    "C:\Users\Admin\AppData\Local\Temp\761d0b0de6ee13b964374e6105ff17c43db3825ad231dc07070888ad7472a70a.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4848

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    8KB

    MD5

    e66be5f477807d0d7830f4c31d6b79b8

    SHA1

    f2aab8788785553fc465a92d74cad2a23720a3ae

    SHA256

    ee3cda6f22472729ad3b9a11abdcbc10fd96adcc0e6e69178d8c594696e7bded

    SHA512

    7146ac31a2e40ca8799651d8a96adeba166db3b23c18cbe2f870d7a25b8d63be239866a9e5744b593ebc08a9ef3649e5cbcbe32f6315933c598b50b8003f6c10

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    0a6050d77d0ed75331d0dd94e7c28ae6

    SHA1

    adc78af0799868aca8bf10c5b2fc2d6097c8c72a

    SHA256

    979fe9dcef295ee37ca4609d7b18c3a9ee0e798a54eb8b6128a16c2100965c7a

    SHA512

    d109faf7aad14185435c4e736a50d54e0e79bd5a04023bd4e564cf175aae3c31cd5f3b2c67a6df02e7e405bba64c1499975dd25ab27c44ec6eeb6ec27431ee7c

    Download Submit