Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
69s -
max time network
40s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
10/01/2024, 05:59
General
-
Target
2024-01-09_b11777b66f604455fc60886aceb3656e_mafia.exe
-
Size
433KB
-
MD5
b11777b66f604455fc60886aceb3656e
-
SHA1
2395e30072d8acd3be2ecd34a2c49b3a1e3fea3e
-
SHA256
9097dd607816c94fb827db3bc344d00df10b979cdf1e8f484fb2074a6418b523
-
SHA512
8b7d2ca0d70a04e12a7f6bbf2ad71cb511c255706bc776954998f32757540e40cffb86fb0f4c4a4c90ffcb1f3c14ae71ccdc34d17c91b22f4b7368df43e1bf72
-
SSDEEP
12288:Ci4g+yU+0pAiv+uklmLDD4KLUZkuV0mXzXRn:Ci4gXn0pD+nmLD8yUZHLjZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_b11777b66f604455fc60886aceb3656e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_b11777b66f604455fc60886aceb3656e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A9C7.tmp"C:\Users\Admin\AppData\Local\Temp\A9C7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_b11777b66f604455fc60886aceb3656e_mafia.exe 6712F4CD625550A34E454A245F56360CE60A631FE3C066A53FB7EE4F4381AE9761BD71206918AF15CFC7F44B25D83E4BF383D481749FC9DAA6B4B8AC2CFB37342⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5ec1d168a350debfa1255713d77b7d08b
SHA115b08848605d97703c0824f8eb5e6bcbdca0d84e
SHA256f9ac706841d09993df37da5643660a4af6a1968c551961ec0a43b551fef8c335
SHA5129ed65c4b2c3c741a8f8cac24ac5971bbae37842eb0a388098f331ef462ec026c7074301c7bf245c7b7e99733a79f75487e000a3d24bbc56ebd8c63aa170a6515