Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

a33404dd8d...c7.exe

windows7-x64

8

a33404dd8d...c7.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 16:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe

  • Size

    11.0MB

  • MD5

    ff17c23c8ff7ef3330f77b431fcc2846

  • SHA1

    4c0a982537f681f970a48215a5a768ce4d075c35

  • SHA256

    a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7

  • SHA512

    11fed89ca5c0d61b7f94d42d6035f99831d8b107c14c2ff7265df0bec1fb21fe92d1f148a8091d8056072a12696c808fa853905f414b8bc28442ab7d3297aafd

  • SSDEEP

    196608:J1WWWNNAsS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:J1WdAsRrDjtLKkOa8ps6puAktIz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
    "C:\Users\Admin\AppData\Local\Temp\a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    cea28550fdb21d4c71b487f001738994

    SHA1

    5c18b9807a585c57ca99e9289aee3c25fc101893

    SHA256

    bc7d14cea8350436c764b8326964e48e33d969e8381ee09429076d31cc5d5973

    SHA512

    6b9686e4d00bf47f494a2103f37257f0380f4fbdfd156b91b318274f95ec94aa367761429bd8c621297babee4d66b90e9ffff7fe8360d57bee37a49717c18749

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    9KB

    MD5

    37c305412be1214e68416cb599e8e9cc

    SHA1

    63094e0767ddfc2c87f23f8dd128f32c1161c235

    SHA256

    dd65f7fde92059d7274d658610395bd3529e4901589bc6f94266a181d83c2299

    SHA512

    f281d61c8fec3f47ea8b93a244dd983edd2c25117045559eaa0dd05af9c64a010e6f8c80ecf66613b1a1e58df5725b3867c227d84af4e01ef22186eb9d171c93

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    7a677b19ae47afa06e96202c48213f14

    SHA1

    4f604cd8a6f5bb04a11d9c305c0c3382870a1856

    SHA256

    564400194ea7b7d3506ec0fb39f36703b0d07822460706aa80744d0dbcb261ba

    SHA512

    dea93224fde3223fc4684b39184ccec3a9e37cbb3226c146a1a4cd86363da8e07207c3c88af3c6c2d3aa414aef11bc5b36c8ebab207a793081b249443eb4bbac

    Download Submit