Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2023-08-27...JC.exe

windows7-x64

7

2023-08-27...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2023, 16:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe

  • Size

    433KB

  • MD5

    25b4fe572d7cd456946a2f7722fd1cff

  • SHA1

    cbfe98ae079f3dd46e4f67b29430c21c72e27cc3

  • SHA256

    cba227f4f3b2417ab592ef399f6ae0df78a5a7f67c548be9c4b970fd9fb5e172

  • SHA512

    3d51818c8497f3f4d45d5074a546aaeb5fb618b07fd82f60e5f8d2a6ba96d9434cdbf5df1db4f84fcdf5973d003b84f3e949a66db46c944f64454239b24260d0

  • SSDEEP

    12288:Ci4g+yU+0pAiv+R9UyO76DUYELe8kH3MijoKVdxC1n:Ci4gXn0pD+R9qODUABHJjhY

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:340
    • C:\Users\Admin\AppData\Local\Temp\2FE6.tmp
      "C:\Users\Admin\AppData\Local\Temp\2FE6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe 2C2F6E97E84EE09F03DD06A133BD489AD2194F041934AB9C2F9E319AD5B2B9F2C8FB9673BE51E16EAC8B0155EEC81F82357D35ABF40B4D63EDAB1DC46C3AA0AD
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2FE6.tmp
    Filesize

    433KB

    MD5

    b90cb156ab9bdf6af2c675074fc5eaf7

    SHA1

    4e83e550d08b8b994f0efc4aa3191b25cfccb685

    SHA256

    221658c94632355a70792dbb812c1c6481b6f8c191475db2220fedfaf17f61f4

    SHA512

    f2486a3ef333b4d366313e52a15e489a2154dc77c8e241ffc13ba8c0550d100fe22d6c6ccef5afbf060975d7c3a4ba3b3d30606969e4c0e5d0d2d852fd07ac71

    Download Submit

  • \Users\Admin\AppData\Local\Temp\2FE6.tmp
    Filesize

    433KB

    MD5

    b90cb156ab9bdf6af2c675074fc5eaf7

    SHA1

    4e83e550d08b8b994f0efc4aa3191b25cfccb685

    SHA256

    221658c94632355a70792dbb812c1c6481b6f8c191475db2220fedfaf17f61f4

    SHA512

    f2486a3ef333b4d366313e52a15e489a2154dc77c8e241ffc13ba8c0550d100fe22d6c6ccef5afbf060975d7c3a4ba3b3d30606969e4c0e5d0d2d852fd07ac71

    Download Submit