Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    164s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/10/2023, 19:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-07_c58e003f23819fbe11ac0706dfa1b019_mafia_JC.exe

  • Size

    412KB

  • MD5

    c58e003f23819fbe11ac0706dfa1b019

  • SHA1

    85875a41cbf6379fee95106f7a5506b4af780d3e

  • SHA256

    de7450bbeb19fb9d3c83d02d881191ec20197b840719b3e00de96a1f4d788aa6

  • SHA512

    6d7565826a5c29550a47b4c9945c938d09105090be17492f7f8d90582272da4e5f531606464f27e34ade0f18b3a26bb9bc35af8fbc6c986b25e3a8d6cb24c619

  • SSDEEP

    12288:U6PCrIc9kph5mWfhX8uMEqEEY66BMhNgLU/QiQ:U6QIcOh5memEEfgLU/Qi

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_c58e003f23819fbe11ac0706dfa1b019_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_c58e003f23819fbe11ac0706dfa1b019_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3116
    • C:\Users\Admin\AppData\Local\Temp\E6D6.tmp
      "C:\Users\Admin\AppData\Local\Temp\E6D6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_c58e003f23819fbe11ac0706dfa1b019_mafia_JC.exe 69812AA705DB12743F237ACFE7C97C16585FDF501917CA4452BAFB914946E74717AC51119DFC8D6DACDAEF65AC1B59A670DFE8F0851E8AFCF5FCED2C3AA06B3D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E6D6.tmp
    Filesize

    412KB

    MD5

    33dbee76f3adb60963bc5a27304a886b

    SHA1

    4a00aab61b5d2eddd790d22f0dd0ce9e07c1fd57

    SHA256

    2b22919399932d0c11113521f46231e2056fc5f01bb9938050657e90030a6344

    SHA512

    05d55e0f434870a4f5429faa6e3a6336b0a7572c05eea5ca62c1236ab72b707a618ec82dfc9ec44ba4f4b2bec79c604f12fb5ccbb469cbf998383539db5e397f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E6D6.tmp
    Filesize

    412KB

    MD5

    33dbee76f3adb60963bc5a27304a886b

    SHA1

    4a00aab61b5d2eddd790d22f0dd0ce9e07c1fd57

    SHA256

    2b22919399932d0c11113521f46231e2056fc5f01bb9938050657e90030a6344

    SHA512

    05d55e0f434870a4f5429faa6e3a6336b0a7572c05eea5ca62c1236ab72b707a618ec82dfc9ec44ba4f4b2bec79c604f12fb5ccbb469cbf998383539db5e397f

    Download Submit