Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-18...ia.exe

windows7-x64

7

2024-01-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 23:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe

  • Size

    384KB

  • MD5

    f30cd819000d034744ccb29421408d65

  • SHA1

    9445d2580ea0c3afb70be7cbf923902cf0ae904a

  • SHA256

    fff071bb9553f9fa5081c3ddb3d10caf1664dcedbdf276d9f645f8ba942ccda4

  • SHA512

    28a1e92319be9b29d2b430a6a28d7ae7699bc8917ba5e08ba4dabaa266213a3cc9810fad2fbc21cf2e60b6d78ff3ffefd4ee2df68de11424f201e108484b53a4

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hH1cuFsO5zuNHxVnBnUrXX0cUUhZ:Zm48gODxbzbcuFn5zuDk0p6Z

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Users\Admin\AppData\Local\Temp\8353.tmp
      "C:\Users\Admin\AppData\Local\Temp\8353.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe A54E3992EB19F26B733700375CAC617742C0749A12EF1FDE968EE11A209D931526EA950EF6FBE2D120A45ED6631372F84AA3E1D8F8AF728383431DCD166B669A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\8353.tmp
    Filesize

    384KB

    MD5

    86ae6fb96ccfc4b88f9244bdb0812cf9

    SHA1

    af7ed67e1dd0e116c75e01d8549efca545e8c018

    SHA256

    53337590fe82141d3044699e3947c984d2f19d82f125d6d55d1fd298b43e233d

    SHA512

    cefdbf8607344efc3086e7f999bb61ae8aa291fa9cc123e83f6940f410ca04263aaf754b4adcec23cd73f0a3a3e2d4df679d3e0dd54ef80f986b82a402114c34

    Download Submit