Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2023-08-25...JC.exe

windows7-x64

7

2023-08-25...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 20:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-25_e43995fcb08e299606d7d620243d8863_icedid_JC.exe

  • Size

    282KB

  • MD5

    e43995fcb08e299606d7d620243d8863

  • SHA1

    8980681f3d4313c5dd29af4d85427db00b79aa8d

  • SHA256

    4a3afe214b159db59cec782ff8d17f399140b320138eb51324a595b3aaf7118b

  • SHA512

    e60242c22cf43e2d565f8a4dda4602b72ffeb95f6da9f61f5d597b7b6e71805968a1b876bbca8c6f86f41787bcf701b8dc921496ec103fea5860dd68753a17b0

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-25_e43995fcb08e299606d7d620243d8863_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-25_e43995fcb08e299606d7d620243d8863_icedid_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files\Spanish\Swedish.exe
      "C:\Program Files\Spanish\Swedish.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Spanish\Swedish.exe
    Filesize

    282KB

    MD5

    f48fb2c95829b6701af0c74814fdda8e

    SHA1

    02fc22ced92ac7ce1a9840c99e94ce2288035bb5

    SHA256

    94bf3e8f7e387c07e67bc517acaf4f15b6f83a996a171651f78c87372eb40802

    SHA512

    e953c0b74fb838b1d1d56d7dbc5df6cd3f77ca1438d5202406bdd1a8605dfbf5023795a9c730f1f052f051ed783639799f45b0b0f6d2260269a53c2160c19365

    Download Submit

  • C:\Program Files\Spanish\Swedish.exe
    Filesize

    282KB

    MD5

    f48fb2c95829b6701af0c74814fdda8e

    SHA1

    02fc22ced92ac7ce1a9840c99e94ce2288035bb5

    SHA256

    94bf3e8f7e387c07e67bc517acaf4f15b6f83a996a171651f78c87372eb40802

    SHA512

    e953c0b74fb838b1d1d56d7dbc5df6cd3f77ca1438d5202406bdd1a8605dfbf5023795a9c730f1f052f051ed783639799f45b0b0f6d2260269a53c2160c19365

    Download Submit

  • \Program Files\Spanish\Swedish.exe
    Filesize

    282KB

    MD5

    f48fb2c95829b6701af0c74814fdda8e

    SHA1

    02fc22ced92ac7ce1a9840c99e94ce2288035bb5

    SHA256

    94bf3e8f7e387c07e67bc517acaf4f15b6f83a996a171651f78c87372eb40802

    SHA512

    e953c0b74fb838b1d1d56d7dbc5df6cd3f77ca1438d5202406bdd1a8605dfbf5023795a9c730f1f052f051ed783639799f45b0b0f6d2260269a53c2160c19365

    Download Submit

  • \Program Files\Spanish\Swedish.exe
    Filesize

    282KB

    MD5

    f48fb2c95829b6701af0c74814fdda8e

    SHA1

    02fc22ced92ac7ce1a9840c99e94ce2288035bb5

    SHA256

    94bf3e8f7e387c07e67bc517acaf4f15b6f83a996a171651f78c87372eb40802

    SHA512

    e953c0b74fb838b1d1d56d7dbc5df6cd3f77ca1438d5202406bdd1a8605dfbf5023795a9c730f1f052f051ed783639799f45b0b0f6d2260269a53c2160c19365

    Download Submit