Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

852c1082b7...JC.exe

windows7-x64

7

852c1082b7...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2023, 17:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    852c1082b71632c26f0d135e22cdd71e_mafia_JC.exe

  • Size

    443KB

  • MD5

    852c1082b71632c26f0d135e22cdd71e

  • SHA1

    3a7c650d799a90d408d75954fbc0a9f1b3cdb698

  • SHA256

    f52f00f706b68cb6ef93bce1e7f8e591a29c05bc34e40255ace92794af91263d

  • SHA512

    e0ab8e7eb6f57cf51135c204f3222a75144dcaf256ae23e3c9bd12fabf746e79d8bf2ff959e05dfbf4c0d0ceecbb4514974ea7897d59ba79590e7f10a351e24a

  • SSDEEP

    12288:Wq4w/ekieZgU6yDkox3ajSYg0WZ/gSflMa:Wq4w/ekieH6ckg3A0Z/LP

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\852c1082b71632c26f0d135e22cdd71e_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\852c1082b71632c26f0d135e22cdd71e_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2788
    • C:\Users\Admin\AppData\Local\Temp\7D2F.tmp
      "C:\Users\Admin\AppData\Local\Temp\7D2F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\852c1082b71632c26f0d135e22cdd71e_mafia_JC.exe 4AB5EC9AA786B3E8E47818AEDDA3AA5B09D19D08374564EA9E718F43770AFA127E51E6E39CD917F9E4B39C5900C61A0E88DD1710CC21AA22433E03A542DA26B8
      2⤵
      • Executes dropped EXE
      PID:2332

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7D2F.tmp
    Filesize

    443KB

    MD5

    eceee13da2742340867399f09ace5ac3

    SHA1

    7e7510aff90b3d57e2d741bcea0f7606e961455c

    SHA256

    17095e4fa92f89f182b81d427365c76ef07410e4698bd7e0429e346e572b5482

    SHA512

    7de018b9e91ff94ded72cf1c0457573934ed1ec4720b289c5aab6111790da24927c01bbbc2666c876c2815957de8da392316225777794037ccbf74a80b00ec51

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7D2F.tmp
    Filesize

    443KB

    MD5

    eceee13da2742340867399f09ace5ac3

    SHA1

    7e7510aff90b3d57e2d741bcea0f7606e961455c

    SHA256

    17095e4fa92f89f182b81d427365c76ef07410e4698bd7e0429e346e572b5482

    SHA512

    7de018b9e91ff94ded72cf1c0457573934ed1ec4720b289c5aab6111790da24927c01bbbc2666c876c2815957de8da392316225777794037ccbf74a80b00ec51

    Download Submit