Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

5f9accd1d2...27.exe

windows7-x64

8

5f9accd1d2...27.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    98s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2024, 17:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5f9accd1d2d2ddf14f03f239b048963b525d17023aefb1a7f600507c6a2b9927.exe

  • Size

    11.3MB

  • MD5

    5a1444da83d50e4e79ae290ad0f30c0a

  • SHA1

    39df780da02ffb259e90a52b093fa03e1b726926

  • SHA256

    5f9accd1d2d2ddf14f03f239b048963b525d17023aefb1a7f600507c6a2b9927

  • SHA512

    db2810636ff0c762f407ed261d6d24f87f0f06b1f10f050066e8303593054dede90ab5db53446ccaf7eb9e1a24f6fd88b4163c0a7fd0294f7d95e7b333176990

  • SSDEEP

    196608:RXFGPpySVf+6b9oDdh0qTRxa8z1sULDSe9a+5crvT9YqS4lU4I4:RXVuf+6poDjBTRxa8psYSUa+arvSP0z

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f9accd1d2d2ddf14f03f239b048963b525d17023aefb1a7f600507c6a2b9927.exe
    "C:\Users\Admin\AppData\Local\Temp\5f9accd1d2d2ddf14f03f239b048963b525d17023aefb1a7f600507c6a2b9927.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    a8f1455c18cb0f15a8f33796895d5e69

    SHA1

    2124551b2f3cb29a57c772f4ba311371fb9f3375

    SHA256

    f045843a89555b64adde8d5a9d536ee6b0745c750d345468776f21d30e8ed193

    SHA512

    875904c8369723a509306f10a02a60842ce6e61942609913728dffdd256615e0a3b558b0540906ca60c2dfb9f86958ab1d2b0fefea72b1c9694db4d4fa2ece23

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    6f6db1d06aa0ead46c75955125f92b08

    SHA1

    b337e97881ec70612a6c53886d50730fa3281afc

    SHA256

    cd20d2eea3ceaf3f13aa842d8584358cdcfeeacd30a0fd3c9c52e793708bb06d

    SHA512

    bbe3576c63308fc32030a74e2120d73955c2e9c7f87461f7ecdf651bc0cc159d9273f80c2df89be6da1ad6758ae793c897bf0ba97189660c763490ff106f9739

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    9b7b63e34b5cd5663191990af3d32205

    SHA1

    93d88e7979ae0c7160443044e2d8604e4ac2c88c

    SHA256

    b0f64694e1969223689787edd5374aa1f254486fb0af36d24072824f6ee82ecc

    SHA512

    9fca0d485262c16f616e081748f4d551fd0188e6cca77705d4694612f1aa9509f6b5663df34dff0dc1d1383a249c6e0a22fcc3f069ae9d9ad389f127239e9ba6

    Download Submit