Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-18...ia.exe

windows7-x64

7

2024-01-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 13:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe

  • Size

    384KB

  • MD5

    acfdfbfcdc7de55ba90662854b2dbaff

  • SHA1

    82f83cf1dcd2cc5dd4c1bdeb9f0d36274671d816

  • SHA256

    e262ec71c7051a1cbff5fcddfd6ff3b25524583b8c116ebe39303d491865e39b

  • SHA512

    5d6f3356cff6f62e2fffbc33a2d8295e90005474373e52ae8c0d470a3cc819ce4539c77320499ad6525fdefd0580ea463fd3e81850c83efca451b31f9a371732

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hH0Q7LHifxxr1O+9HQfW4nVcSnvQW+QwZ:Zm48gODxbzriplQgj4nVhvP+QwZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1200
    • C:\Users\Admin\AppData\Local\Temp\5B69.tmp
      "C:\Users\Admin\AppData\Local\Temp\5B69.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe 8E15C8F0ADD2CBB48AC14860815352FE06A2FC5AA701944ED6E82B258C2200042C1D93FA7558CB37180E0D1BFCB1FD6250534390F421BC220DA4274094D2E06B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\5B69.tmp
    Filesize

    384KB

    MD5

    dc5dc80759e95e6bad050e3b89079afc

    SHA1

    945f2bfad11678cd502d8a7f0e7a4cbad78cc984

    SHA256

    3524a5f354f92203deb7dfb56c5ce4f44f5bc26e278d15391990e8bf4ca33b5b

    SHA512

    78a221d43a32046d783a3156e55853ad644297df149ac55023910e0d311df24391ee9a0e1380d6a7314e31cc2cd1cb1d86cbd3162a1ef0107a8717b804836edd

    Download Submit