Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

09bd8a3944...JC.exe

windows7-x64

7

09bd8a3944...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2023, 19:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    09bd8a39448b71exe_JC.exe

  • Size

    412KB

  • MD5

    09bd8a39448b717e6f3a12a607cea09c

  • SHA1

    dda4b9b7c1cead0c464ffea4bba38a5a02ffbfdd

  • SHA256

    6c4dc4f0bd50f231fde101a2b7e080cd6e27f5b784974d01b32212cc94d7d91c

  • SHA512

    388d590d541dfaf7ad16b034d65a8cb9b08215b237bec5759eeea807e012dcb6c3447a0c0974866727347052e9b13ce64f31eec06fca2e204020f96d515f2223

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnEse9V35PbFCI9U3r6a1WKv9ugWsUQ3lgt0jkqP:U6PCrIc9kph5Oz99U3rt1WyugWBttS

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\09bd8a39448b71exe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\09bd8a39448b71exe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:836
    • C:\Users\Admin\AppData\Local\Temp\19B8.tmp
      "C:\Users\Admin\AppData\Local\Temp\19B8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\09bd8a39448b71exe_JC.exe 66F2BF66C4E6D4BEF0A12FC8F832D5736B104636767D8DB5278141BD629F54BFFAF5C37FF8DF22F358C47C3A3975FC654D18523E6650533411B53241F8548D1B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\19B8.tmp
    Filesize

    412KB

    MD5

    92abb82877fe06946672e9a6e33f0908

    SHA1

    c7ddafd33a83db4933974706a5ba2b2f4e9b4a20

    SHA256

    3966a5514765456c33f60ab9b8cf19951cc9314079475b0190b955a98f1b3a2e

    SHA512

    7e974f75861a29e58d58bbcb805fa762e262b26889e00aa832b01f9f64d3950e8aef0f177556bbe19052379667ef669907fce998d6b4c69311970094ecb43862

    Download Submit

  • \Users\Admin\AppData\Local\Temp\19B8.tmp
    Filesize

    412KB

    MD5

    92abb82877fe06946672e9a6e33f0908

    SHA1

    c7ddafd33a83db4933974706a5ba2b2f4e9b4a20

    SHA256

    3966a5514765456c33f60ab9b8cf19951cc9314079475b0190b955a98f1b3a2e

    SHA512

    7e974f75861a29e58d58bbcb805fa762e262b26889e00aa832b01f9f64d3950e8aef0f177556bbe19052379667ef669907fce998d6b4c69311970094ecb43862

    Download Submit