Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/10/2023, 08:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-05_37ee5b71460f3ce99fc16667a675c4dc_mafia_JC.exe

  • Size

    465KB

  • MD5

    37ee5b71460f3ce99fc16667a675c4dc

  • SHA1

    5a09c1fc7dd1abac5c8e9ab0db09c7d6c85f6502

  • SHA256

    2962454443c5157ad4838a503ff7af7722830887179101f570aad07cd814b5fc

  • SHA512

    63f42ada1f67403ddba3643429b74afaac56f839bd0d6989886b4c3a4013b84d1527f3ff7aa1d4bce0d102ea53d43feedf4fcba4cad2683985fdee86ce6458dc

  • SSDEEP

    12288:Bb4bZudi79LOQ9IO8X+y+RGtsOkCJKyA:Bb4bcdkLOQHdyhsOkCJ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-05_37ee5b71460f3ce99fc16667a675c4dc_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-05_37ee5b71460f3ce99fc16667a675c4dc_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3664
    • C:\Users\Admin\AppData\Local\Temp\C062.tmp
      "C:\Users\Admin\AppData\Local\Temp\C062.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-05_37ee5b71460f3ce99fc16667a675c4dc_mafia_JC.exe B656BF8D5D7B34C9A8D7231E3CF971D9A74623DD3E5221230D2520CD9EA24ADE60E3D6197F9C2CB1D32A536FC119B0557815DBBD32EA58C7033DA6BB15644C13
      2⤵
      • Executes dropped EXE
      PID:1360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\C062.tmp
    Filesize

    465KB

    MD5

    db751de79a1f68cad9133c38ba02e4f4

    SHA1

    0e7ffdbe3bd17a25ad0f2bdebcb2ad27f47bd7b1

    SHA256

    abc76ffdf5a410be11d8c5fcb25499e7e195ee5bb6ee0620f2cd08cc075314f0

    SHA512

    7e7cea708227cfc2b9c53382c3be06dd5a0495fe36d57ef38a95ae3ee27cee42c322315137943a42d34aad95d21b66b1ecee1b62bc903eb6da84a885d14ff3eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\C062.tmp
    Filesize

    465KB

    MD5

    db751de79a1f68cad9133c38ba02e4f4

    SHA1

    0e7ffdbe3bd17a25ad0f2bdebcb2ad27f47bd7b1

    SHA256

    abc76ffdf5a410be11d8c5fcb25499e7e195ee5bb6ee0620f2cd08cc075314f0

    SHA512

    7e7cea708227cfc2b9c53382c3be06dd5a0495fe36d57ef38a95ae3ee27cee42c322315137943a42d34aad95d21b66b1ecee1b62bc903eb6da84a885d14ff3eb

    Download Submit