Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8719c071e7...JC.exe

windows7-x64

7

8719c071e7...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    06/08/2023, 12:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8719c071e7b48608fa04305b13ea160b_mafia_JC.exe

  • Size

    412KB

  • MD5

    8719c071e7b48608fa04305b13ea160b

  • SHA1

    7b6323eb60e0d7d814c706680225ef6b60a2413a

  • SHA256

    fcdeab3eec049b3c0da9793377b25f48f3ff7cf17db67d2df4858eccd0d3495c

  • SHA512

    d5b47e2b7f218ae13f68cb05d7fc7d702004608b11e9a2b2576394ec9d141e0ef7e60a0fda6660c76ae3ed246fe2c9b2c76f07be18626f10d5c8a3aeef966db6

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnaoX5HZDAZrSGqqTc9Ir2v2jTcbwfXGmMLVP:U6PCrIc9kph5x55k8GVc6Kv2fcsXGmk

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8719c071e7b48608fa04305b13ea160b_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\8719c071e7b48608fa04305b13ea160b_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Users\Admin\AppData\Local\Temp\758D.tmp
      "C:\Users\Admin\AppData\Local\Temp\758D.tmp" --pingC:\Users\Admin\AppData\Local\Temp\8719c071e7b48608fa04305b13ea160b_mafia_JC.exe 7EA11483E9439018DDA842EB6B0394BDD01332F30621F9407DFF38FC9291EFD64A75E9F6052DE105D32191447C935BEA14B6C9631499E81DFF5E61B4AAA4CC5B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\758D.tmp
    Filesize

    412KB

    MD5

    61e3ef601c4561e270c9c5e576548d43

    SHA1

    40e4ab25db18ae82de77919e1a8202427038a617

    SHA256

    3725ba6168cfaeee74a5c1866abe5903656c87d6c3c7f108c1c7cac4e85d524f

    SHA512

    3e2a88229b3c26603aeaf4fc078124733e8d5d92f1cee6c3753ecf707d067880621e569c7f3303e807e9ceb683a590ee4cceb0493c2c14810f398bc8545d563a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\758D.tmp
    Filesize

    412KB

    MD5

    61e3ef601c4561e270c9c5e576548d43

    SHA1

    40e4ab25db18ae82de77919e1a8202427038a617

    SHA256

    3725ba6168cfaeee74a5c1866abe5903656c87d6c3c7f108c1c7cac4e85d524f

    SHA512

    3e2a88229b3c26603aeaf4fc078124733e8d5d92f1cee6c3753ecf707d067880621e569c7f3303e807e9ceb683a590ee4cceb0493c2c14810f398bc8545d563a

    Download Submit