Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

d19f0086f9...JC.exe

windows7-x64

4

d19f0086f9...JC.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    138s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/10/2023, 15:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d19f0086f98905880ddd0262f571a01e_JC.exe

  • Size

    117KB

  • MD5

    d19f0086f98905880ddd0262f571a01e

  • SHA1

    cadfb5f62c65034887b472d6a7e2dc61e4478cdb

  • SHA256

    0e571862727a8a30074ff8cf28237cc24787f6c54adbb4557a4c6f723fa47688

  • SHA512

    a40d346dc12ff7e92ce045394c87a5a9be5b5d03d370f5568a33b3e5c05ca3fad74eedb937bf1c670784a3c850f665a9772c1ec4383d1753be8af0ad13f06368

  • SSDEEP

    3072:dV2BZVPlFlnxClFvLLcsrHWpjbvO+QfxNIi59DeQp3++5WI/QtO:DQrNFxwj9b6G1fx20Y2u+3QE

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 18 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d19f0086f98905880ddd0262f571a01e_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\d19f0086f98905880ddd0262f571a01e_JC.exe"
    1⤵
    • Drops file in Windows directory
    PID:4968
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4968 -s 504
      2⤵
      • Program crash
      PID:4884
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4968 -ip 4968
    1⤵
      PID:4472

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Windows\win32dc\Quake3 + patch.exe
      Filesize

      117KB

      MD5

      d19f0086f98905880ddd0262f571a01e

      SHA1

      cadfb5f62c65034887b472d6a7e2dc61e4478cdb

      SHA256

      0e571862727a8a30074ff8cf28237cc24787f6c54adbb4557a4c6f723fa47688

      SHA512

      a40d346dc12ff7e92ce045394c87a5a9be5b5d03d370f5568a33b3e5c05ca3fad74eedb937bf1c670784a3c850f665a9772c1ec4383d1753be8af0ad13f06368

      Download Submit

    • memory/4968-0-0x0000000000400000-0x0000000000417000-memory.dmp

      Filesize

      92KB

      Download

    • memory/4968-18-0x0000000000400000-0x0000000000417000-memory.dmp

      Filesize

      92KB

      Download