Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

51f4db24f7...JC.exe

windows7-x64

7

51f4db24f7...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/08/2023, 17:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    51f4db24f76b9438198cbbd6de8268c7_magniber_JC.exe

  • Size

    580KB

  • MD5

    51f4db24f76b9438198cbbd6de8268c7

  • SHA1

    d2ed64ca270241ea98cd1906c346deed864b005d

  • SHA256

    2d9be833372f380e739a3277dabca4dc0b2166cbacb445e70bd06e8444d502a6

  • SHA512

    cb427b0c86b3a4f9330ad11c4c7a53e062ff60acb0bd989d4b8f5824f843471ffbd9329a03ec09a3f9dd156164dfe5dceb745a08411997606b289ac8ccb105c3

  • SSDEEP

    12288:J7vnO4/YjM+yGbIMkVkWTjvoQDbKtIvK5:pP/IylkWPoObKtIy5

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\51f4db24f76b9438198cbbd6de8268c7_magniber_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\51f4db24f76b9438198cbbd6de8268c7_magniber_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dfs6A24.tmp
    Filesize

    282KB

    MD5

    ec289a0acf4bcfd8ee9cba8b18d7ce0e

    SHA1

    e312ec699681ca9b879bf381a81c6e96057235b3

    SHA256

    9dfb9baa312020daf0906d24e491b76061cc9971a8abb9e82625a4773af6ac21

    SHA512

    934f8a2850a28d763ae5289d23029cc83983415a09c4408b5ccbc6ee66d2b01b0029ca0f5fed1183c22e19ca34f3601f627c1c251bf140368124f1b2c3f565d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dfs6A24.tmp
    Filesize

    282KB

    MD5

    ec289a0acf4bcfd8ee9cba8b18d7ce0e

    SHA1

    e312ec699681ca9b879bf381a81c6e96057235b3

    SHA256

    9dfb9baa312020daf0906d24e491b76061cc9971a8abb9e82625a4773af6ac21

    SHA512

    934f8a2850a28d763ae5289d23029cc83983415a09c4408b5ccbc6ee66d2b01b0029ca0f5fed1183c22e19ca34f3601f627c1c251bf140368124f1b2c3f565d0

    Download Submit

  • memory/3844-143-0x0000000004E80000-0x0000000004E8A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3844-138-0x0000000004B20000-0x0000000004B6E000-memory.dmp

    Filesize

    312KB

    Download

  • memory/3844-139-0x0000000074750000-0x0000000074F00000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/3844-140-0x0000000004B00000-0x0000000004B10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3844-141-0x00000000052C0000-0x0000000005864000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/3844-142-0x0000000004DB0000-0x0000000004E42000-memory.dmp

    Filesize

    584KB

    Download

  • memory/3844-133-0x0000000000180000-0x000000000022D000-memory.dmp

    Filesize

    692KB

    Download

  • memory/3844-144-0x0000000004B00000-0x0000000004B10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3844-145-0x0000000004B00000-0x0000000004B10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3844-146-0x0000000006B20000-0x0000000006B86000-memory.dmp

    Filesize

    408KB

    Download

  • memory/3844-155-0x0000000074750000-0x0000000074F00000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/3844-156-0x0000000004B00000-0x0000000004B10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3844-157-0x0000000004B00000-0x0000000004B10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3844-158-0x0000000004B00000-0x0000000004B10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3844-159-0x0000000000180000-0x000000000022D000-memory.dmp

    Filesize

    692KB

    Download