Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-11...ia.exe

windows7-x64

7

2024-01-11...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    160s
  • max time network
    175s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/01/2024, 06:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-11_ee9a9ea27774279365ee2bccb1b30bde_mafia.exe

  • Size

    486KB

  • MD5

    ee9a9ea27774279365ee2bccb1b30bde

  • SHA1

    8277a88b7eff575636abd6938ef6e09edda92fe6

  • SHA256

    faf531b6ce382884b4e77780d279936d1baf63d34bcd5e289e12cedfce845e3d

  • SHA512

    e4bb173f2ab7fe76075ae1ecafdbe586644d8f4af9d2691ce6515db973e58ecb27401c0bf7a8bc5c7e6d404cd532f2ccf77d1f0fef9072963d016b93e626d999

  • SSDEEP

    12288:3O4rfItL8HPybjyoXqtZNAP+eCTDMs7rKxUYXhW:3O4rQtGPa+qoZqWee3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_ee9a9ea27774279365ee2bccb1b30bde_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_ee9a9ea27774279365ee2bccb1b30bde_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4240
    • C:\Users\Admin\AppData\Local\Temp\B95D.tmp
      "C:\Users\Admin\AppData\Local\Temp\B95D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_ee9a9ea27774279365ee2bccb1b30bde_mafia.exe D2DE76F1B959667E282F521428B63CE75D3F132DA2643C31546992F79DE75F5D64920FA294D7902A0324DC6F24B782928ECA37A00A8C6DC8ABD3EE6DDA02B201
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1392

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B95D.tmp
    Filesize

    40KB

    MD5

    bbdbc849b9ce225288ad46ea0bd7f6b4

    SHA1

    2d1dc67b4e9ef01ba508f91292d7fed62d42b611

    SHA256

    d804c5f8215e52b9e66c59b8e0e8ed890ce1959298cba23f8aec914b3a6dc35f

    SHA512

    529ce9eba8042068e70cfd1a3a17362785745bcdeb960f90e72ba2de1619e860da00fb606f31b3fd4b51358da8c6a91dc408330465d3dbdf5e802b737af2aee5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B95D.tmp
    Filesize

    27KB

    MD5

    fc597644931a32d3b7e086728f0790bb

    SHA1

    9ce38ede4d3bf653c52e915944e4e7990e01a254

    SHA256

    5c7868046bdc15b96b8662a735575ee405cb1e70deb6d741e4ee881d4948097c

    SHA512

    7f9aa8ca846c32c3ee9c3b57e6d1e9ea3413e34623ebab568ab777fb4be80d8b3024536b11c647c2b3778f867b29f1f972f335d2695865db02932684a7c31759

    Download Submit