Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
144s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10/01/2024, 16:33
General
-
Target
51106a564002320f30435aa6c25b8dd3.exe
-
Size
2.0MB
-
MD5
51106a564002320f30435aa6c25b8dd3
-
SHA1
4304b24f723fbfafbcffa96cc7a5cfea7525ad06
-
SHA256
499aedc02c1f6fe422cebd2c513346c1d5d474f8b33f121b0e1332f44cd2d2e8
-
SHA512
8a6462a0a8c229ad5161a274988b0e159ea7698e631f5f37b6e76610463cc446249b6c20b42e57ddc014a1d2eb900d52cbae0574029b433f0029dec9a58b0400
-
SSDEEP
24576:dgdhhQGGnnazLpj4VHogiuGYNycAavew3mwmI1nk30sKbcGOyRWEMVM8w8sm/FvN:dqgazxcGYN139lnk30raxpX
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\51106a564002320f30435aa6c25b8dd3.exe"C:\Users\Admin\AppData\Local\Temp\51106a564002320f30435aa6c25b8dd3.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\jgfn\mt.exe"C:\Program Files (x86)\jgfn\mt.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1008KB
MD5804d90b5be927e1ab37933cec1ae4a7f
SHA17b8f80d4b23053d8c54297796d9ce95d5d45140b
SHA2569f3420a46f245235f8e8751ceaa00c4c66285b9749effb6343b96af61d9fd61b
SHA51266a4fbf7235442b1cb8d40fd7bd36de8e06b7a519ef12ccfb7173fdb8dedb10d0024ba43b35b1f3ad95f8ab6efc7f68a3bfc8c50ac61c067939d578822dca1c9
-
Filesize
906KB
MD5fba695122543cb97def5d189703e578d
SHA1b7f346f4193ad0db1cc7135cba1167af87697686
SHA256abd2e242dda6b560ee94d53efc66fc8a529d333ab0a4f282d7fa0a23b9ce4363
SHA5126151fc7042b4a1b4b882610ecddb5c10ccbe8775c483ec343b0619dabcc43c2484a5b2238e06e66b0524ee633a1c1a760e39185905d2cf8976b14577f7ec5bf3
-
Filesize
360KB
-
Filesize
360KB