Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25/01/2024, 15:47
General
-
Target
2024-01-25_accae716ab53d878a75ef4f7069822dd_mafia.exe
-
Size
468KB
-
MD5
accae716ab53d878a75ef4f7069822dd
-
SHA1
8ccd7d16695ee0ddec1acf6497f4383a37a1c71b
-
SHA256
4d21a64e2ffaa4047163ea06b6233a4fa9131adaf592ff714e88278d738e3c8b
-
SHA512
339c2c88cbd7174bf577e811d213a80cac8252e9ea13c8e89d01ff53b491063cbaaa2bcf7a37b231ce0fb6e52f6716911a18122f7881006b2dd3176feac59e90
-
SSDEEP
12288:qO4rfItL8HGpA9QGikSKzRAx9Lpw0ru7bWmeEVGL:qO4rQtGGpA9QbuW1diumeEVGL
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_accae716ab53d878a75ef4f7069822dd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_accae716ab53d878a75ef4f7069822dd_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\10D2.tmp"C:\Users\Admin\AppData\Local\Temp\10D2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_accae716ab53d878a75ef4f7069822dd_mafia.exe A53FDA9B6F4B58D69C5ED2F9D5BA52C6658BFD55DA808CA68DA48C7E48B3260B0D6716E8C650A4CB7121D111A15B1B991EEAA8A5F8A3BBEAD9B44D28A1D5CBB02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5274db4f76f2d0b7f148d14d312b23278
SHA1cc1dd403f3f48326c4e46bbb15b6100095dd67ee
SHA2566db38e874f54359f58793a2fa83a43b5fd3ba72c6cd34cd6d162fc0cc3e0b4f0
SHA5127d1d4c0ed39f6011af5b48a6f1abe89539805f7fb73ecbed651e06c81619d8b75d0a69a6c0ec2c2f241321fd0f7d31327585dbbabf535cdcccbd39df166791b6