Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
04/02/2024, 09:30
General
-
Target
2024-02-04_393e5c6569575f83691954da0e58ace3_mafia.exe
-
Size
433KB
-
MD5
393e5c6569575f83691954da0e58ace3
-
SHA1
b68fe34ba014d9199462ac3e686153dab78fc64c
-
SHA256
7b8c6669a108320fa9ce7d0836d95911036a756b9c5cc0496bdff482e151ac6b
-
SHA512
dbfb73afd58ca062a82dadb3ecb9ce192861729ab9272cf60e2c93985b014566df56515c779592c88d6a7c737e3c4c91f3a576abbf91992bdb4891a4510fa7c5
-
SSDEEP
12288:Ci4g+yU+0pAiv+R/gKl76rN8poAN52wo/Kn:Ci4gXn0pD+BgKV6RooOeC
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-04_393e5c6569575f83691954da0e58ace3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-04_393e5c6569575f83691954da0e58ace3_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1989.tmp"C:\Users\Admin\AppData\Local\Temp\1989.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-04_393e5c6569575f83691954da0e58ace3_mafia.exe CAB559A7C5015FF2F1E9BEE76065285278DA5EE14D3F6FAF50DC2C0DB4878A647F99EFA85144F7ADB75346D5D9ECA88CE48D488B3E3E1FE2BBE2A179E89E936B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD551037b61bb47ece43a5abe642444fe53
SHA18b4ee00c4d73faa9ae26a1ed840cc54cafd07540
SHA256561feab5389c8e6922893febc8551ce3813a9ddca5b09eb29049a7570f5c9058
SHA5128e11b1bf192cd49000b9b9e809998ff17f764016abfe8d7647fd469cfdaac2c6363a720384574ad073ebe9f4267553417a387452a9728e18ad24d6c995c12155