
Analysis

  • max time kernel
    141s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16/07/2023, 13:12 UTC

General

  • Target

    72045f4465688f_JC.exe

  • Size

    155KB

  • MD5

    72045f4465688f0435aa7b3a7766e7c2

  • SHA1

    0a1614d1201f248d6dff8b6fed3b49d9f72f4bc0

  • SHA256

    11f80874a8bdff03054622d7271cfd0b1a443b1f22abeb7a91ba3a61372f2e35

  • SHA512

    99179d6c1f83f419cc4705682221a3a0199347e8bc2e1a51c85e80d412fae0f241a6f976eeccc6b76cc95e59dbef499637c497f943ef09f62a785d9bebcd6f9a

  • SSDEEP

    3072:S5K/B0toLsSNJQlxwsx89TSdBgjMqqDL2/TOKkkG:ScytwxjTTSdBgQqqDL6SK2

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\72045f4465688f_JC.exe  (PID 4732, depth 1)
    "C:\Users\Admin\AppData\Local\Temp\72045f4465688f_JC.exe"
      • C:\Windows\SysWOW64\WerFault.exe  (PID 2784, depth 2)  [Program crash]
        C:\Windows\SysWOW64\WerFault.exe -u -p 4732 -s 228
  • C:\Windows\SysWOW64\WerFault.exe  (PID 4756, depth 1)
    C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4732 -ip 4732
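The "Program crash" signature above fires because both WerFault.exe instances carry "-p 4732", the PID of the submitted sample, and the handler is the SysWOW64 copy, which Windows launches for 32-bit (WOW64) processes and which agrees with the report's arch:x86 tag. The following is an added example, not tria.ge's own detection code: it reconstructs that logic over a process list built from the Processes section above. The reading of the WER switches (-u user-mode crash, -p crashing PID) is the common interpretation of those command lines, not a documented API, and the submission directory used to single out sample crashes is an assumption taken from the path on this page.

```python
"""Tie WerFault.exe crash handlers in a sandbox process list back to the
process that crashed, as a "Program crash" style signature does.

Added example for this report, not tria.ge code. PROCESSES is constructed
from the Processes section of the report."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Proc:
    pid: int
    image: str
    cmdline: str


# Constructed from the Processes section above.
PROCESSES = [
    Proc(4732, r"C:\Users\Admin\AppData\Local\Temp\72045f4465688f_JC.exe",
         r'"C:\Users\Admin\AppData\Local\Temp\72045f4465688f_JC.exe"'),
    Proc(2784, r"C:\Windows\SysWOW64\WerFault.exe",
         r"C:\Windows\SysWOW64\WerFault.exe -u -p 4732 -s 228"),
    Proc(4756, r"C:\Windows\SysWOW64\WerFault.exe",
         r"C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4732 -ip 4732"),
]

# Only the OS-shipped copies are legitimate; a WerFault.exe anywhere else is itself an IoC.
TRUSTED_WERFAULT = (r"c:\windows\system32\werfault.exe",
                    r"c:\windows\syswow64\werfault.exe")

# "-p <pid>" names the crashing process. The lookbehind-style prefix and the
# required whitespace keep "-pss" and "-ip" from being mistaken for it.
PID_RE = re.compile(r"(?:^|\s)-p\s+(\d+)")


def find_crashes(procs):
    """One record per WerFault.exe instance, joined to the process it reports on."""
    by_pid = {p.pid: p for p in procs}
    crashes = []
    for p in procs:
        if not p.image.lower().endswith("\\werfault.exe"):
            continue
        m = PID_RE.search(p.cmdline)
        if not m:
            continue
        crashed_pid = int(m.group(1))
        crashed = by_pid.get(crashed_pid)
        crashes.append({
            "handler_pid": p.pid,
            "trusted_handler": p.image.lower() in TRUSTED_WERFAULT,
            # The SysWOW64 handler is started for 32-bit (WOW64) processes.
            "crashed_is_32bit": "\\syswow64\\" in p.image.lower(),
            "crashed_pid": crashed_pid,
            "crashed_image": crashed.image if crashed else None,
            # "-u" marks the user-mode crash report; the "-pss" instance is the
            # second helper WER starts for the same PID (common reading, assumption).
            "user_mode": " -u " in f" {p.cmdline} ",
        })
    return crashes


def crashed_samples(procs, sample_dir=r"C:\Users\Admin\AppData\Local\Temp"):
    """Images that crashed and live in the submission directory (assumed path)."""
    return sorted({c["crashed_image"] for c in find_crashes(procs)
                   if c["crashed_image"]
                   and c["crashed_image"].lower().startswith(sample_dir.lower())})


if __name__ == "__main__":
    for crash in find_crashes(PROCESSES):
        print(crash)
    print("crashed samples:", crashed_samples(PROCESSES))
```

A crash of the submitted binary with no further activity is why the score stays at 3/10: the sample never got past its own entry point in this environment, which is as consistent with an environment check or a missing runtime dependency as with a benign bug, so a low score here is "no behaviour observed", not "clean".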

Network

  • DNS  2.136.104.51.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  2.136.104.51.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  20.160.190.20.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  20.160.190.20.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  254.129.241.8.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  254.129.241.8.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  95.221.229.192.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  95.221.229.192.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  208.194.73.20.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  208.194.73.20.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  103.169.127.40.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  103.169.127.40.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  73.254.224.20.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  73.254.224.20.in-addr.arpa IN PTR
    Response: (empty)
  • DNS  216.74.101.95.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  216.74.101.95.in-addr.arpa IN PTR
    Response: 216.74.101.95.in-addr.arpa IN PTR a95-101-74-216.deploy.static.akamaitechnologies.com
  • DNS  6.173.189.20.in-addr.arpa  via 8.8.8.8:53 (US)
    Request:  6.173.189.20.in-addr.arpa IN PTR
    Response: (empty)
  Connections (remote address, query name, protocol, bytes sent, bytes received, packets out, packets in):

  • 8.8.8.8:53  2.136.104.51.in-addr.arpa    dns  71 B  157 B  1  1
  • 8.8.8.8:53  20.160.190.20.in-addr.arpa   dns  72 B  158 B  1  1
  • 8.8.8.8:53  254.129.241.8.in-addr.arpa   dns  72 B  126 B  1  1
  • 8.8.8.8:53  95.221.229.192.in-addr.arpa  dns  73 B  144 B  1  1
  • 8.8.8.8:53  208.194.73.20.in-addr.arpa   dns  72 B  158 B  1  1
  • 8.8.8.8:53  103.169.127.40.in-addr.arpa  dns  73 B  147 B  1  1
  • 8.8.8.8:53  73.254.224.20.in-addr.arpa   dns  72 B  158 B  1  1
  • 8.8.8.8:53  216.74.101.95.in-addr.arpa   dns  72 B  137 B  1  1
  • 8.8.8.8:53  6.173.189.20.in-addr.arpa    dns  71 B  157 B  1  1
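Every DNS entry in this report is a reverse (PTR) lookup of an in-addr.arpa name sent to 8.8.8.8, and only one of them (216.74.101.95, i.e. 95.101.74.216) got an answer, an Akamai edge host. There is no forward A/AAAA query at all, so nothing in the network section can be attributed to the sample resolving a domain; PTR-only traffic of this shape is the guest OS naming the peers of its own background connections. The following is an added example, not tria.ge code, that makes that triage mechanical: it turns each reverse name back into the address being resolved and separates reverse from forward lookups. The log is constructed from the Network section above; the ip6.arpa branch goes beyond what this page shows and is included so the helper works on IPv6 reverse names as well.

```python
"""Separate a sandbox's background reverse-DNS noise from lookups the sample
itself made. Reverse names (in-addr.arpa / ip6.arpa) are converted back to
the address being resolved; forward lookups are kept as-is.

Added example for this report, not tria.ge code. DNS_LOG is constructed from
the Network section of the report."""
import ipaddress

# Constructed: (query name, query type, answers) for each entry above.
DNS_LOG = [
    ("2.136.104.51.in-addr.arpa", "PTR", []),
    ("20.160.190.20.in-addr.arpa", "PTR", []),
    ("254.129.241.8.in-addr.arpa", "PTR", []),
    ("95.221.229.192.in-addr.arpa", "PTR", []),
    ("208.194.73.20.in-addr.arpa", "PTR", []),
    ("103.169.127.40.in-addr.arpa", "PTR", []),
    ("73.254.224.20.in-addr.arpa", "PTR", []),
    ("216.74.101.95.in-addr.arpa", "PTR",
     ["a95-101-74-216.deploy.static.akamaitechnologies.com"]),
    ("6.173.189.20.in-addr.arpa", "PTR", []),
]


def reverse_name_to_ip(name):
    """Return the address a reverse name refers to, or None if it is not one.

    in-addr.arpa carries the four octets reversed; ip6.arpa carries the 32
    nibbles reversed. Malformed octets/nibbles are treated as "not a reverse
    name" rather than raising, since the input is attacker-influenced."""
    labels = name.lower().rstrip(".").split(".")
    try:
        if labels[-2:] == ["in-addr", "arpa"] and len(labels) == 6:
            return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
        if labels[-2:] == ["ip6", "arpa"] and len(labels) == 34:
            return str(ipaddress.IPv6Address(int("".join(reversed(labels[:32])), 16)))
    except ValueError:
        return None
    return None


def classify(log):
    """Split the log into reverse lookups (with the address and any PTR answer)
    and forward lookups (name, type, answers)."""
    reverse, forward = [], []
    for qname, qtype, answers in log:
        ip = reverse_name_to_ip(qname) if qtype == "PTR" else None
        if ip:
            reverse.append({"ip": ip, "ptr": answers[0] if answers else None})
        else:
            forward.append({"name": qname, "type": qtype, "answers": list(answers)})
    return {"reverse": reverse, "forward": forward}


def sample_resolved_anything(log):
    """True only when a forward lookup exists. PTR-only traffic is the OS
    (telemetry, Defender, update checks) naming its own peers, not the sample."""
    return bool(classify(log)["forward"])


if __name__ == "__main__":
    result = classify(DNS_LOG)
    for entry in result["reverse"]:
        print(f"reverse lookup of {entry['ip']:16} -> {entry['ptr']}")
    print("forward lookups:", result["forward"])
    print("sample resolved anything:", sample_resolved_anything(DNS_LOG))
```

The reconstructed addresses are what to pivot on: check whether each one belongs to a cloud or CDN provider the sandbox image itself talks to before treating any of it as sample traffic, and do that check against your own allow-list rather than trusting the PTR answer, which the address owner controls.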

MITRE ATT&CK Matrix
