Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

393900fdf8...JC.exe

windows7-x64

7

393900fdf8...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2023, 17:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    393900fdf8a28b3b29b5efc063ea84a1_mafia_JC.exe

  • Size

    384KB

  • MD5

    393900fdf8a28b3b29b5efc063ea84a1

  • SHA1

    9b4a3891b55d5c7fd052e84f293b93cb6b9fd122

  • SHA256

    fba7f2c47d0c3505e31e8512d957647f5ebe70a74c2797fa9314fa88a061681a

  • SHA512

    449a066f72d0289b21c5ec30eabbc31e9a5d5ab84b39fe88d4be795e4b15616dd7a2bc5c70cd1b62db14a21a8df34b6188cbdccde3fe34495f4d5051e542ff4c

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHdgabUsloXEm+Z6sFO8b4Vkwgtn3dLJY4epMKZ:Zm48gODxbz7nUslnmPsFwV9gdt+4eKKZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\393900fdf8a28b3b29b5efc063ea84a1_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\393900fdf8a28b3b29b5efc063ea84a1_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2624
    • C:\Users\Admin\AppData\Local\Temp\842D.tmp
      "C:\Users\Admin\AppData\Local\Temp\842D.tmp" --pingC:\Users\Admin\AppData\Local\Temp\393900fdf8a28b3b29b5efc063ea84a1_mafia_JC.exe 2C70946DD680C7459B36C8DE04538F8C759F89C0DAFBA2675FA72FE9D68143BDA0849A41D1ED34844C59DBD6CD4BE6E69C5EE76DC1584EA82C4A19D45DE31620
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\842D.tmp
    Filesize

    384KB

    MD5

    37f46aa66e71b72897c5a3ede3596d53

    SHA1

    d2149c28a1768282e582ed239f39743da869cda7

    SHA256

    16d90511b9346e6cbec9c7e280b89703508a754ff04c8da6fd810d4a08df79e8

    SHA512

    36207fa55e7efbce766b86ad343b64dea07ca654a58ef2586b1df61a6f2bf206121a76c2bfe0b3722be1d94aa2662d131ebff6389223268808009739acff94b4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\842D.tmp
    Filesize

    384KB

    MD5

    37f46aa66e71b72897c5a3ede3596d53

    SHA1

    d2149c28a1768282e582ed239f39743da869cda7

    SHA256

    16d90511b9346e6cbec9c7e280b89703508a754ff04c8da6fd810d4a08df79e8

    SHA512

    36207fa55e7efbce766b86ad343b64dea07ca654a58ef2586b1df61a6f2bf206121a76c2bfe0b3722be1d94aa2662d131ebff6389223268808009739acff94b4

    Download Submit