Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

09bd8a3944...JC.exe

windows7-x64

7

09bd8a3944...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/07/2023, 19:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    09bd8a39448b71exe_JC.exe

  • Size

    412KB

  • MD5

    09bd8a39448b717e6f3a12a607cea09c

  • SHA1

    dda4b9b7c1cead0c464ffea4bba38a5a02ffbfdd

  • SHA256

    6c4dc4f0bd50f231fde101a2b7e080cd6e27f5b784974d01b32212cc94d7d91c

  • SHA512

    388d590d541dfaf7ad16b034d65a8cb9b08215b237bec5759eeea807e012dcb6c3447a0c0974866727347052e9b13ce64f31eec06fca2e204020f96d515f2223

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnEse9V35PbFCI9U3r6a1WKv9ugWsUQ3lgt0jkqP:U6PCrIc9kph5Oz99U3rt1WyugWBttS

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\09bd8a39448b71exe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\09bd8a39448b71exe_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4892
    • C:\Users\Admin\AppData\Local\Temp\B074.tmp
      "C:\Users\Admin\AppData\Local\Temp\B074.tmp" --pingC:\Users\Admin\AppData\Local\Temp\09bd8a39448b71exe_JC.exe 281B0DDA5BCF17BF82B77B704035B938DC7CA00C330C2C356159DEC0C43ACCB8672BE4AC245A2DD772BA398A4C2E2F55E08728BF74B9DD5E29CB4733680F4D5B
      2⤵
      • Executes dropped EXE
      PID:1544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B074.tmp
    Filesize

    412KB

    MD5

    b4bdedbb458128ccac7c2670412b2328

    SHA1

    1bf03d773da4e184b542b0a1935a754ff27b9289

    SHA256

    b5be414bf737f2c99819b7d2d3527bc2290a4b2e3745ff0ce1c791d8e70229bb

    SHA512

    932b0955f7ebef78efa3a2843b149f262e8ac7fd64cc297e6d0ee9ec02929f7552ba50ffc003336e9fca246440123d3c5a79b49843bdc7d7c0e529597605942f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B074.tmp
    Filesize

    412KB

    MD5

    b4bdedbb458128ccac7c2670412b2328

    SHA1

    1bf03d773da4e184b542b0a1935a754ff27b9289

    SHA256

    b5be414bf737f2c99819b7d2d3527bc2290a4b2e3745ff0ce1c791d8e70229bb

    SHA512

    932b0955f7ebef78efa3a2843b149f262e8ac7fd64cc297e6d0ee9ec02929f7552ba50ffc003336e9fca246440123d3c5a79b49843bdc7d7c0e529597605942f

    Download Submit