Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
49s -
max time network
31s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25/01/2024, 20:31
General
-
Target
2024-01-25_cb689169c1471a66ee846081d45058ff_mafia.exe
-
Size
443KB
-
MD5
cb689169c1471a66ee846081d45058ff
-
SHA1
3212a769604f480469816123e0cf04f056c7fd08
-
SHA256
81d48cc35964fbcce89b205e362ffa7aab88866cbb7fe6c7a46f1a311880a1e1
-
SHA512
8fee6e0dbe3c792ea12263cd51c44a5b96e90935fc0641a23484b1bbe1f7810f24cc8acc939417138d08fa80a436d4f3a58619f72ee3eb9f2fb196f59b9d18e6
-
SSDEEP
12288:Wq4w/ekieZgU61Rgv384AQeKQemzc9Edg2IxlMa:Wq4w/ekieH612Mi/scWdg28P
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_cb689169c1471a66ee846081d45058ff_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_cb689169c1471a66ee846081d45058ff_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3FFD.tmp"C:\Users\Admin\AppData\Local\Temp\3FFD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_cb689169c1471a66ee846081d45058ff_mafia.exe 64FBEF3C66E44191A8CE6D812D827E260305C4DD53882C98D7715783F65DAD86ACBF1DC423B08802337452679F05FB169AFCEBC6D41A6A0CC74CE09BC74AE3B02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD59ef17c40613af46fa0e583d5804abfcd
SHA1b39a6d6f6089082ca99a909d6144834d8418f63d
SHA256aaecd6681ed5c58cbad281acfe1ad55cab8fb7f35677d3751142d2a393f381bf
SHA512091875810f266c56731e6a4966dd4fdb7899877952cbe8dc6619e185bd16912342ef9e04493cbd0fba0d2f6b339ad66541727a654ada46551419b47bb505bf09