Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

5008fc8e68...JC.exe

windows7-x64

6

5008fc8e68...JC.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    23/09/2023, 11:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5008fc8e68756495ba6f393c2e45f2be_JC.exe

  • Size

    665KB

  • MD5

    5008fc8e68756495ba6f393c2e45f2be

  • SHA1

    f80fee3eb6af213d169359beeec0587a98e0f0d3

  • SHA256

    7e3ed9d98f74b9c7b206a0b1d2f0b6b341e25c5ccc636947ee1be241fe3a08cb

  • SHA512

    cc44d06ce7c1f37e5764deb0fe34b5cb45bf8ff762e3de045e66f85edc80f61907188d379c4f835a48209385bd7f79091a5ce1a13825aa9142b6218a97c3a0f4

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1t:Hha8iAx+1zwjJHd6vB/ANMfCK

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5008fc8e68756495ba6f393c2e45f2be_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\5008fc8e68756495ba6f393c2e45f2be_JC.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE
    Filesize

    675KB

    MD5

    e21fd7fe8a1d83a979ed94905ac3a7c9

    SHA1

    3b32f57fc1eb12181e7e837a959420dd1b7c5f6a

    SHA256

    a4055875f130720271756d7e2d5d1911fadc5bf435f7e001afb8edaad34840a1

    SHA512

    35ab20d4c3be5408b4439ee78324391f0cfd23be6795fe4f01877a0018977d818709a6cb8567adb1d48d676537b0b122de290755a01382ec4f99e7a58aa9eb69

    Download Submit

  • memory/2200-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/2200-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download