Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-23...ia.exe

windows7-x64

7

2024-01-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    23/01/2024, 20:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-23_17f6992973ff07eb7be9465fe6e29694_mafia.exe

  • Size

    468KB

  • MD5

    17f6992973ff07eb7be9465fe6e29694

  • SHA1

    83c20843fe2609cf03e9b6f4b29df473b4759a46

  • SHA256

    3039ee5b6f77777c661ac9413b272e2792558d205e65a7c358262ccd09463506

  • SHA512

    cebcc3e1eaf18ccdf4295c85caea5718bfeaa6814eb87470ae194ec69d3fc0eb437f8d75c5050fa5fabec2f0a9bbda269e5ed30d9ab9d6fb2b8dafbe9ab5cef0

  • SSDEEP

    12288:qO4rfItL8HGXd7+bHCGaVPfgb/XvJf0TmF7bWmeEVGL:qO4rQtGGJ+zCmTljFumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-23_17f6992973ff07eb7be9465fe6e29694_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-23_17f6992973ff07eb7be9465fe6e29694_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1160
    • C:\Users\Admin\AppData\Local\Temp\4A88.tmp
      "C:\Users\Admin\AppData\Local\Temp\4A88.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-23_17f6992973ff07eb7be9465fe6e29694_mafia.exe 6E05782CAE3A60AB7BF6080D72E775A1A4C18B16F0319F58BA7D8B204FFED80F13B078E93D38748845E730E3B8965F2675F349A02D61F36A336E831F1CC6CE53
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4A88.tmp
    Filesize

    468KB

    MD5

    1e4f3fb3d47a4ca9c5395dd481c8f551

    SHA1

    d4cc9fd1253b8bc2fe002781240804fb358001f7

    SHA256

    f99ac115735d88e3b045731a416725204e2ce2d927a703ed29c6b731021af6cc

    SHA512

    b19ef36cc428d1e093df5b18f6f51b8722014e6161420072201fed46331337de89483b50d9caeb960949392c4c5034c188dbb24165e5d4a375929603fd18d616

    Download Submit