Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

e2125a5398...b9.exe

windows7-x64

8

e2125a5398...b9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15/09/2024, 12:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e2125a5398408f940015e1469f31b0c79e6873c6a6f8385a5ad0f0cab3ddd0b9.exe

  • Size

    9.9MB

  • MD5

    67dd9221add49983c549368ec1afe1f7

  • SHA1

    9979ce34ee3da4bf2c80c53908450afdc364473e

  • SHA256

    e2125a5398408f940015e1469f31b0c79e6873c6a6f8385a5ad0f0cab3ddd0b9

  • SHA512

    c8a20bd2d502e00186bb2912209c0c2204bb3114c2f4467f8741bebb48788b7e523d952aa50dad20a80d2ef31c2a1d0c362244c01f52a53301adda77a244de44

  • SSDEEP

    196608:NfS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:NfRrDjtLKkOa8ps6puAktIz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e2125a5398408f940015e1469f31b0c79e6873c6a6f8385a5ad0f0cab3ddd0b9.exe
    "C:\Users\Admin\AppData\Local\Temp\e2125a5398408f940015e1469f31b0c79e6873c6a6f8385a5ad0f0cab3ddd0b9.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    76f002b7e0f0343848626d6e74d18602

    SHA1

    cfc81e02b8b779606affbf38b2c966a870b34209

    SHA256

    29692cc884d59db7f132663c25f79736941a5e0ef5e38c3ccac0d0c23a8ce3ec

    SHA512

    0af7f9b7f38f9500af816f1a9c25212e320019abca1133381cc956e21c7e08a9c9a2b08f27d3473767ee515d9b3c6bad9c428caaffbc76cb0dc06f5a0207340c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    975f700223a0cfd51aad459c3158672e

    SHA1

    99ceeeef6a5d07dfcd87cf2c66e0d933b5cdbf29

    SHA256

    7091a23d1f8c63d7fb64c107fe48d89ceb3348c7ad3ea510c71eacabe82c9492

    SHA512

    eb392a7349480c40bb7faa912d80300375aa51a0d43482869173bdb359ab390df8b97d677efe73caa94f55f2936d687bb63fcfd039d3c1bd7b33ccd936e012a4

    Download Submit