Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

50d1fd15f1...d4.exe

windows7-x64

8

50d1fd15f1...d4.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 13:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    50d1fd15f155d4479b659f6c7ba83853870248c387bfab2849422f2de77869d4.exe

  • Size

    10.0MB

  • MD5

    6fad46bf73c9abb36e47e90972eede67

  • SHA1

    d8a03b83ad063825ceab2e92eaa0945bc79bc5a0

  • SHA256

    50d1fd15f155d4479b659f6c7ba83853870248c387bfab2849422f2de77869d4

  • SHA512

    94b8fc5824e6eaaddf2e05172caaf32bdce026d94e0029b9df703e60f21cc4e952b272015f39199420a44e108a2b923a7a36b3825b8c092c06266f1015650c05

  • SSDEEP

    196608:ScS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:ScRrDjtLKkOa8ps6puAktIz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\50d1fd15f155d4479b659f6c7ba83853870248c387bfab2849422f2de77869d4.exe
    "C:\Users\Admin\AppData\Local\Temp\50d1fd15f155d4479b659f6c7ba83853870248c387bfab2849422f2de77869d4.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    355f443b5ac01adfd1400b9b7b791101

    SHA1

    0f42884c37ee1357d439bc6cd1f0dc7caad61d7c

    SHA256

    4080899667d04f423d6187f56c7b75ba141e44037ef82e777a10b078bc7a7dc9

    SHA512

    0fe77951015490062f267122ff4e6661e0c052254d3a0a352c79ad9182accbf780b711a29c988f9ed46739b601fc8b1d08cda423903a56110dab6a7fdaedf22d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    49b9e00685ffc3124ff9b9f791c38044

    SHA1

    df570815f053169c132633b76d6fde6f386ae1db

    SHA256

    870dea866b2baa530cc0d6b7fc8eb477996203038150c0b4e0303f92ebc9446c

    SHA512

    95a4bb9b25e20e823dcd5c51840db24a48e80b897e42ccd5150b43e20c89d0335252a4b0a9b9e2cf96e5fe12418f80151d667e8709a4e9fc8cb475ab55d4d321

    Download Submit