Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-10...ia.exe

windows7-x64

7

2024-01-10...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/01/2024, 05:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-10_3255ca7b0ad14bb0002572535f1a4d90_mafia.exe

  • Size

    468KB

  • MD5

    3255ca7b0ad14bb0002572535f1a4d90

  • SHA1

    953f113061da70599db402410049b639128ec4b9

  • SHA256

    eb628bd22719f189a790ab40880ff9456160a55ad7b153dc001cd08101183a7b

  • SHA512

    ef2ce9a6e897f63b75385a1cd9b91587480e5090277be6090c1f05fc05bd22815a16c1514fc710a787dfe9e90f576e720bec097b711a105d40aa7398835a9e52

  • SSDEEP

    12288:qO4rfItL8HGZBxpsOLxJDnBdotSXFrPtOeo6Ch7bWmeEVGL:qO4rQtGGZBxpsQx3qMXFrVOejChumeEk

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-10_3255ca7b0ad14bb0002572535f1a4d90_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-10_3255ca7b0ad14bb0002572535f1a4d90_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1352
    • C:\Users\Admin\AppData\Local\Temp\4328.tmp
      "C:\Users\Admin\AppData\Local\Temp\4328.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-10_3255ca7b0ad14bb0002572535f1a4d90_mafia.exe D694449A33DAA4777C3B744DB845F36C52FC39E5F8EB05C15B2577BC8EC20E3294F0FBC33F33659FE5B58B94F4F24C2DDD1A7B222F7DC1F02BF685C9F45012DD
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\4328.tmp
    Filesize

    468KB

    MD5

    a62b9ec14922d49d21b6a25dc15d17b8

    SHA1

    c064949e78b1555a492fb04c8811272c586c4413

    SHA256

    5718477ad87ad18fbde22420ef5f7363671066fe5dee79c4a62d51e5738fbb19

    SHA512

    09c462f9b0e7c0d3efc60087fd3cf8ee74276c15893e132f1fd273ebf7e4bbb578e45c822f3adf0115d4e52db5baf7f6b81c2f7b0cd0e0b3ebef2769b69db3b9

    Download Submit