Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NA_00332e5...JC.exe

windows7-x64

7

NA_00332e5...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2023, 21:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NA_00332e553f21ffexe_JC.exe

  • Size

    371KB

  • MD5

    00332e553f21ff8a0724835c34427aa3

  • SHA1

    bfd45c33dfffb77892212f143de6025d112ba327

  • SHA256

    20b5bfa9aa4c6f893fcc43e332ca1a7c94c7ef9b12bdff214644ff07a2b120de

  • SHA512

    e6eb6ebe29ef37c3a505a0dd6b932cc1e864d324daf9a3bcd9d312ff81d149f5fac10b35c75505ea230d55fa78bf1e6ea55f9691d1b58ac9534fa5dcd49f1a4e

  • SSDEEP

    6144:oplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:oplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NA_00332e553f21ffexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NA_00332e553f21ffexe_JC.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2980
    • C:\Program Files\compact\runtime.exe
      "C:\Program Files\compact\runtime.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\compact\runtime.exe
    Filesize

    371KB

    MD5

    103faa36d68925682b81b2c12c37acd4

    SHA1

    d1fbec39f123835c25b4f3dfd493a8aa4b3888ff

    SHA256

    ef2e2720478daf6a2ed58b3d3d00c02a8d2eff5c5fa3f9c80af1d7499bbbb3aa

    SHA512

    75e3d28aee0bd3126cab3731acea42c09011da596696c59c06d3d70af65e1881871514e2a436daa8ec7b305b85bb13439469566486d9abd2bb95b4326f4154aa

    Download Submit

  • C:\Program Files\compact\runtime.exe
    Filesize

    371KB

    MD5

    103faa36d68925682b81b2c12c37acd4

    SHA1

    d1fbec39f123835c25b4f3dfd493a8aa4b3888ff

    SHA256

    ef2e2720478daf6a2ed58b3d3d00c02a8d2eff5c5fa3f9c80af1d7499bbbb3aa

    SHA512

    75e3d28aee0bd3126cab3731acea42c09011da596696c59c06d3d70af65e1881871514e2a436daa8ec7b305b85bb13439469566486d9abd2bb95b4326f4154aa

    Download Submit