Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-02...ia.exe

windows7-x64

7

2024-02-02...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2024, 10:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-02_1383791cde3316f664a1ab237afbdc2b_mafia.exe

  • Size

    479KB

  • MD5

    1383791cde3316f664a1ab237afbdc2b

  • SHA1

    02274642d59d7710d71dd9712b9db7740b7079a1

  • SHA256

    09c532b2c50bd7a21c822fe86ba41fdb530e55e09f897cc414a9faf03317f02a

  • SHA512

    3d64db73870101a6e90b0b8e78369401d63186884b8c17e7f99b6cd2c582ceead1b95684156a6a46ac3502d8c1e021d5ec94516536dcde1d190de9550ed74884

  • SSDEEP

    12288:bO4rfItL8HAYeuIz12yK/c+SJ852M5tbdQls1Y75UO:bO4rQtGA3uIziK85zZQKiVUO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-02_1383791cde3316f664a1ab237afbdc2b_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-02_1383791cde3316f664a1ab237afbdc2b_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Users\Admin\AppData\Local\Temp\1036.tmp
      "C:\Users\Admin\AppData\Local\Temp\1036.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-02_1383791cde3316f664a1ab237afbdc2b_mafia.exe FC086A9B9ABDE1E5C415C80034572FED7E1E7AF7175C79CB9BD05336E9F2BAA1D0332D0F0AF50FD70FCC0240E98BEEA93E34366664149C03A83D39138A689DC5
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1036.tmp
    Filesize

    479KB

    MD5

    e184e8023e46708d92ad66f969dc12e1

    SHA1

    147077ae0fffe495862f6208740a42f47beda16d

    SHA256

    352773428928ff63d447c5f09c0b6ff59d52fafffe3c4d52acfdeeddb8dad421

    SHA512

    461b888c0d5e15cb59fd6c2778244969fbc7a9640703afc6463ce54422a04e3f42207cf9fcdfc9d8eeefea828a76daa6f0a4056387d1698d884beb4107f06378

    Download Submit