Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-10...ia.exe

windows7-x64

7

2024-01-10...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/01/2024, 05:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-10_3512192e50317945d1dc6fcdba81dc0c_mafia.exe

  • Size

    468KB

  • MD5

    3512192e50317945d1dc6fcdba81dc0c

  • SHA1

    c8afe89a697ee058c9925909b61a92cb5ff4ead8

  • SHA256

    b9fd85f29936bd81f13dc98b612476eab292e4c759cd30f1719e558eec82b602

  • SHA512

    508f20a7d285302951417d936720bda557859d2b7e582ba554f7a4c20703306a392789c2949bed19400fdbe94bd9df713358dc9f4c08eb7a70ed411bdb20f780

  • SSDEEP

    12288:qO4rfItL8HGtYO8oLd2NyZ4x0luB17bWmeEVGL:qO4rQtGGmO8EdiNkwumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1A73.tmp
    "C:\Users\Admin\AppData\Local\Temp\1A73.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-10_3512192e50317945d1dc6fcdba81dc0c_mafia.exe 7A7C2C5207C00A62E4E38BCED84185D690C3C671D082A99B34AF0F416D8AFE6B7C7D6816135F6DCF44C5ACD0D3399A4E3BC87E727A2FBFC2BDC116CFB38564C2
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:2412
  • C:\Users\Admin\AppData\Local\Temp\2024-01-10_3512192e50317945d1dc6fcdba81dc0c_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-10_3512192e50317945d1dc6fcdba81dc0c_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1A73.tmp
    Filesize

    261KB

    MD5

    0ffe0b79bd49adef50a86d4cf2657bfb

    SHA1

    9512b8c6e749cfba8b0ce82397f5276ed6ad192a

    SHA256

    b289e6c4666f54edccdbe46cd5c3ffa11e1d6182625298d8ef07d5ba247b2939

    SHA512

    a9d84629a0947918bdf16fe3e9f680591ffd8578decb1b0bfd348d9c75ca99ac86618e3e74d2cc3c7d79fce49eb3db87a3600a19f891c3e380ce8bd315fbc6b3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\1A73.tmp
    Filesize

    409KB

    MD5

    b9758bfb46444f7a70a98a95c89c995c

    SHA1

    26ccd7c618055551251059d55cc05c4eca7d6cfc

    SHA256

    e416995ac9aba8d8ba5389d7c6a7d60a19f6e55c916c9460ea5fa7b7da547d86

    SHA512

    96a822b026fdc81f5728e70704cdd3e3060dcce2d31b328988a6fdb946c05c0a0b2c5ba0b81493e64b533e7c266db02e44eb7a6054be27bb2a548b33658f8e50

    Download Submit