Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25/01/2024, 21:27
General
-
Target
2024-01-25_e079a3ee5d3c6184ebbd5b55d7f9dd65_mafia.exe
-
Size
444KB
-
MD5
e079a3ee5d3c6184ebbd5b55d7f9dd65
-
SHA1
79201762b1e506c525ef577e93108a70912ca463
-
SHA256
7780ab7dee1b4274a54e193eb6850c58c88743420622a5e7aebcb3bb1301177b
-
SHA512
033d9bceec2f9a947715bc2866ddc9718d02fc6dcd10c5b1429d303029420e0c706676370ab4ddcc2cabf77770911c9198bfe1525232363b532a8cc2d3e77b6b
-
SSDEEP
12288:Nb4bZudi79LFxu/fmKrfGQzv9+rCk7zJA:Nb4bcdkLF43PzGK1sL/
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_e079a3ee5d3c6184ebbd5b55d7f9dd65_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_e079a3ee5d3c6184ebbd5b55d7f9dd65_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B47.tmp"C:\Users\Admin\AppData\Local\Temp\B47.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_e079a3ee5d3c6184ebbd5b55d7f9dd65_mafia.exe 0957351713AE8F45FC66CBE593C419A15B21AE143A8D854DBD8B8370393862D751B67B6658B352E3D6CCB80706D93325879B0E6BA79847F477AA7F15A2E9FA612⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD56a8dfbc1bbf9a0f27d556fc52c0d6325
SHA176ec9357f170f93ac08704ca875f56a265640306
SHA2565bff4c9d6d3129ba2244f26199d5c85ea143c2947871fa9e06895f79144bb6db
SHA51221036d63b0d77d8330629f0b0907b4248dc4bf99b13e797addb797d179b1a614e8be1479243267bf23396420114e793bab4dc75ad5ce05ff68390874fecc9805