Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2581bb5884...JC.exe

windows7-x64

7

2581bb5884...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2023, 15:10 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2581bb588428cdexeexe_JC.exe

  • Size

    373KB

  • MD5

    2581bb588428cd291eda4b350a39a0d7

  • SHA1

    9bdaa8fd909ce5ee1ac95cab7eb90992acf4498f

  • SHA256

    2dba09f972b062734d1c393e7115a330289f2f2543e36fd15c451af4c6433947

  • SHA512

    13dc1d531df3d818088a575e52b411389c05818a813af5af328fb2e3b8a8ec96bbc5108c447de4bc38dcf04a31a12f4fd59624f634ae0d22564936c35c5eeca9

  • SSDEEP

    6144:1plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:1plrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2581bb588428cdexeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2581bb588428cdexeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1140
    • C:\Program Files\Update\indicator.exe
      "C:\Program Files\Update\indicator.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Update\indicator.exe
    Filesize

    373KB

    MD5

    6bbcd5c24bbf14e42549b2d46bf57eb1

    SHA1

    914648f519d61c4bbadd344200c06f6793ffbd35

    SHA256

    3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

    SHA512

    146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

    Download Submit

  • C:\Program Files\Update\indicator.exe
    Filesize

    373KB

    MD5

    6bbcd5c24bbf14e42549b2d46bf57eb1

    SHA1

    914648f519d61c4bbadd344200c06f6793ffbd35

    SHA256

    3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

    SHA512

    146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

    Download Submit

  • \Program Files\Update\indicator.exe
    Filesize

    373KB

    MD5

    6bbcd5c24bbf14e42549b2d46bf57eb1

    SHA1

    914648f519d61c4bbadd344200c06f6793ffbd35

    SHA256

    3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

    SHA512

    146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

    Download Submit

  • \Program Files\Update\indicator.exe
    Filesize

    373KB

    MD5

    6bbcd5c24bbf14e42549b2d46bf57eb1

    SHA1

    914648f519d61c4bbadd344200c06f6793ffbd35

    SHA256

    3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

    SHA512

    146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.