Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

453bd3b84c...JC.exe

windows7-x64

7

453bd3b84c...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/08/2023, 19:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    453bd3b84c40472237574e0e446c2c79_mafia_JC.exe

  • Size

    412KB

  • MD5

    453bd3b84c40472237574e0e446c2c79

  • SHA1

    40a7670e11e7335bba033fdc046554b3469f70e5

  • SHA256

    cd4495dfa3959a36bf633b238b485fed1667959b8d9ff9eb862efd40cfcc6e97

  • SHA512

    39a602a71ba8635882ab0ff900bc26758ec9b04fd6c5d0729e8a15d3a7e52222260d5e2d6250bd9f9b2ea9f4195f332c75c650741ad2385742753c461444d498

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnJ6DZggohFLlVrV9KHnBnLh2LIKQSbP:U6PCrIc9kph5mgFhdHqBn92Eeb

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\453bd3b84c40472237574e0e446c2c79_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\453bd3b84c40472237574e0e446c2c79_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1452
    • C:\Users\Admin\AppData\Local\Temp\B3A0.tmp
      "C:\Users\Admin\AppData\Local\Temp\B3A0.tmp" --pingC:\Users\Admin\AppData\Local\Temp\453bd3b84c40472237574e0e446c2c79_mafia_JC.exe B6DB3111D0AE8C8C39776EC01E96958D85A88DB55409CF31E472B352713E641E8944E9B27ED3B21BB2458FD5034DBA60F5B86FD8CE1DECF4B35419321C6B0493
      2⤵
      • Executes dropped EXE
      PID:1324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B3A0.tmp
    Filesize

    412KB

    MD5

    1a5edaaf98e389d4012211e1d344e9a5

    SHA1

    8b1ca28f412478c0d025b913e94c623932264f4f

    SHA256

    412c5aff216f0594e6509380fb5c90a47353e92fc0c413baa50ceb9abbb5692d

    SHA512

    668a543d951d5b40d2e3b7e3fa1d216856e4e439e9876e7a9a73409a7799bcb65816bb91e391d4a140ab4482a305fd9277c2eed2b5895ba069bfd262da4092ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B3A0.tmp
    Filesize

    412KB

    MD5

    1a5edaaf98e389d4012211e1d344e9a5

    SHA1

    8b1ca28f412478c0d025b913e94c623932264f4f

    SHA256

    412c5aff216f0594e6509380fb5c90a47353e92fc0c413baa50ceb9abbb5692d

    SHA512

    668a543d951d5b40d2e3b7e3fa1d216856e4e439e9876e7a9a73409a7799bcb65816bb91e391d4a140ab4482a305fd9277c2eed2b5895ba069bfd262da4092ab

    Download Submit