Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
29/01/2024, 15:29
General
-
Target
2024-01-29_26d4aac159a5284a0bee4bc2d4dcab76_mafia.exe
-
Size
384KB
-
MD5
26d4aac159a5284a0bee4bc2d4dcab76
-
SHA1
1f1d8e90317c4aefecdcf5e21b0397cf43a5868f
-
SHA256
dd5e5abba4454a9e2c9c6d63aeb3e547c11400549802c77f0825c2c08b609c0c
-
SHA512
6b15e27f5e3194f078801cf7b9127ba5433ee432bfaf0b318238379d1284875240e73f26d1c466a276f3382c9ea97897f30b5b139f7b311177542956a6af8a0b
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHAcUEOqmR4WrOko/DmuSUBNsgDCFmt3+x7fJZ:Zm48gODxbza4I4WrOkoySQgmQ5+xbJZ
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-29_26d4aac159a5284a0bee4bc2d4dcab76_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-29_26d4aac159a5284a0bee4bc2d4dcab76_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\29AF.tmp"C:\Users\Admin\AppData\Local\Temp\29AF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-29_26d4aac159a5284a0bee4bc2d4dcab76_mafia.exe E5BB73EFE38D551958B40C50933BDB15BDCAD3024DDA08564B8074F242721C6E80021238F98CA548134C3C4CB44458728054259F38229B7A385EAA40064258142⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5981fba52762fb58fd61531e991f56bc2
SHA1c877f5d5c512c78636196cb7204de1d3bf028fe7
SHA256ff91503852d30407b4008390bf842ad5c6f527f3c194cbb5edc5d495126e87bf
SHA5120fbd22a160b73fb413d03c526c8655a3db5a820316350d5d54bd3acc597b1a58a863e394a8f35bb11cd41d17338fda9a0f00b1fe7850a6c3904fc926f87fc36a