Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NA_NA_0d9b...JC.exe

windows7-x64

7

NA_NA_0d9b...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2023, 15:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NA_NA_0d9be373b2250dexeexe_JC.exe

  • Size

    406KB

  • MD5

    0d9be373b2250d424d1b1a5160ac06e3

  • SHA1

    1d24e7b303bf229dde748d3e1246bfe6e98df788

  • SHA256

    5ee7061bc4a54697ad7b8b331331db4cc92512c8ad815b4ef8fcbfc972592e12

  • SHA512

    2ea15e45b88d9ae494e3a661fd8c902f7d6066b99e09d8bd4acaba540291860712508eda80f9cee795a337cb11b0168316f6e9db1373d14a318571b180285926

  • SSDEEP

    12288:2plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:SxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NA_NA_0d9be373b2250dexeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NA_NA_0d9be373b2250dexeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Program Files\sure\headers.exe
      "C:\Program Files\sure\headers.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\sure\headers.exe
    Filesize

    406KB

    MD5

    51817ab17db214ca095f939b4e74e06e

    SHA1

    34ae516b59dbbeb7fed332ef65185aed9421976d

    SHA256

    e8ff61420219c596681930ee5560d8ec6037509cb15bfb5caac0ba5d4dbc3bdb

    SHA512

    45b0c88d579ec95bef1b86caa61460a7dc5aadf9c1d0d9ce8567afa825ee26721abc4bf98b4b406e7c7e386eff180922634824f519531469bb9bdb4bb2c121e3

    Download Submit

  • C:\Program Files\sure\headers.exe
    Filesize

    406KB

    MD5

    51817ab17db214ca095f939b4e74e06e

    SHA1

    34ae516b59dbbeb7fed332ef65185aed9421976d

    SHA256

    e8ff61420219c596681930ee5560d8ec6037509cb15bfb5caac0ba5d4dbc3bdb

    SHA512

    45b0c88d579ec95bef1b86caa61460a7dc5aadf9c1d0d9ce8567afa825ee26721abc4bf98b4b406e7c7e386eff180922634824f519531469bb9bdb4bb2c121e3

    Download Submit

  • \Program Files\sure\headers.exe
    Filesize

    406KB

    MD5

    51817ab17db214ca095f939b4e74e06e

    SHA1

    34ae516b59dbbeb7fed332ef65185aed9421976d

    SHA256

    e8ff61420219c596681930ee5560d8ec6037509cb15bfb5caac0ba5d4dbc3bdb

    SHA512

    45b0c88d579ec95bef1b86caa61460a7dc5aadf9c1d0d9ce8567afa825ee26721abc4bf98b4b406e7c7e386eff180922634824f519531469bb9bdb4bb2c121e3

    Download Submit

  • \Program Files\sure\headers.exe
    Filesize

    406KB

    MD5

    51817ab17db214ca095f939b4e74e06e

    SHA1

    34ae516b59dbbeb7fed332ef65185aed9421976d

    SHA256

    e8ff61420219c596681930ee5560d8ec6037509cb15bfb5caac0ba5d4dbc3bdb

    SHA512

    45b0c88d579ec95bef1b86caa61460a7dc5aadf9c1d0d9ce8567afa825ee26721abc4bf98b4b406e7c7e386eff180922634824f519531469bb9bdb4bb2c121e3

    Download Submit