Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2023-08-27...JC.exe

windows7-x64

7

2023-08-27...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2023, 16:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe

  • Size

    433KB

  • MD5

    25b4fe572d7cd456946a2f7722fd1cff

  • SHA1

    cbfe98ae079f3dd46e4f67b29430c21c72e27cc3

  • SHA256

    cba227f4f3b2417ab592ef399f6ae0df78a5a7f67c548be9c4b970fd9fb5e172

  • SHA512

    3d51818c8497f3f4d45d5074a546aaeb5fb618b07fd82f60e5f8d2a6ba96d9434cdbf5df1db4f84fcdf5973d003b84f3e949a66db46c944f64454239b24260d0

  • SSDEEP

    12288:Ci4g+yU+0pAiv+R9UyO76DUYELe8kH3MijoKVdxC1n:Ci4gXn0pD+R9qODUABHJjhY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4308
    • C:\Users\Admin\AppData\Local\Temp\B0D1.tmp
      "C:\Users\Admin\AppData\Local\Temp\B0D1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2023-08-27_25b4fe572d7cd456946a2f7722fd1cff_mafia_JC.exe D69ED9E91C55465C96567A5AB33E301605CD4D60B628A2D4552F8333B37E038EC7094D1B328B78DA5B305ECD5BD74B6DEB5B5C12F982E21FF1BF1FF974ACBA7B
      2⤵
      • Executes dropped EXE
      PID:4872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B0D1.tmp
    Filesize

    433KB

    MD5

    31f4511a2751723358e94bf29e789f5b

    SHA1

    221c621aa2efb9ddc35cc5f0f94bb72535cb5d7b

    SHA256

    82b98db7a48e23202ebe14f7a62bddea20d5a6648de8a53f129e9291974f24b8

    SHA512

    8183eede129144454eaef82059e895f570f15905aec5e68b13ae001e9a7763b23d1f35a07550375dab483f2534b61b208302d524b24e0fd0890db400954ec7cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B0D1.tmp
    Filesize

    433KB

    MD5

    31f4511a2751723358e94bf29e789f5b

    SHA1

    221c621aa2efb9ddc35cc5f0f94bb72535cb5d7b

    SHA256

    82b98db7a48e23202ebe14f7a62bddea20d5a6648de8a53f129e9291974f24b8

    SHA512

    8183eede129144454eaef82059e895f570f15905aec5e68b13ae001e9a7763b23d1f35a07550375dab483f2534b61b208302d524b24e0fd0890db400954ec7cd

    Download Submit