Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

eea271d4b4...JC.exe

windows7-x64

7

eea271d4b4...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    30/08/2023, 19:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eea271d4b409afa67d0a11786695f28f_mafia_JC.exe

  • Size

    414KB

  • MD5

    eea271d4b409afa67d0a11786695f28f

  • SHA1

    1386f8915391bd6bdc1e586ef1f3c28ca54a14be

  • SHA256

    8bbdca89550815c18668b6e0376a779cceee21dcf969fb546e735650d7eb311e

  • SHA512

    883f7c1bc78bf3519a4f3f692d393214c81b74d548b631f845c579b237c02019db4b1110e45b00d0acd15433800b1f6a451b07c8f99bedeedd5421ed70178e58

  • SSDEEP

    12288:iA4g7yYea4GZo2LNZRMQq+KWVfmPWZ7dlXFS:iA4g7yYea432LVMt+KWVe8c

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eea271d4b409afa67d0a11786695f28f_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\eea271d4b409afa67d0a11786695f28f_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2564
    • C:\Users\Admin\AppData\Local\Temp\9EBF.tmp
      "C:\Users\Admin\AppData\Local\Temp\9EBF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\eea271d4b409afa67d0a11786695f28f_mafia_JC.exe 6A3DE956EE51A311A799D409B0E8096CC5172FBD51AA1F9D0CF3733BC68F35B7FDAA677050D094DD5A18503BD6471979FD9E3BADDBB24B378AA9D1B633316D7B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\9EBF.tmp
    Filesize

    414KB

    MD5

    676ec7a7d1052f01ac76f509a0eed59f

    SHA1

    ff3a965cc37dcf1fd86617de20e3bc85e265024a

    SHA256

    8a954a755a05b536776e55d4ff0bdf869325b38c5c814c3b63bd206ac542fae0

    SHA512

    47007c641053fd48c1e3c33d239ecd6b65d9a6d18b208ac4f125bc391dd62861807974bd44086628912d66299ca8add02dcdf90d3d9b238682b8024bb5633a73

    Download Submit

  • \Users\Admin\AppData\Local\Temp\9EBF.tmp
    Filesize

    414KB

    MD5

    676ec7a7d1052f01ac76f509a0eed59f

    SHA1

    ff3a965cc37dcf1fd86617de20e3bc85e265024a

    SHA256

    8a954a755a05b536776e55d4ff0bdf869325b38c5c814c3b63bd206ac542fae0

    SHA512

    47007c641053fd48c1e3c33d239ecd6b65d9a6d18b208ac4f125bc391dd62861807974bd44086628912d66299ca8add02dcdf90d3d9b238682b8024bb5633a73

    Download Submit