Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13/02/2024, 18:21
General
-
Target
2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe
-
Size
443KB
-
MD5
db0ba0bc62d5afe4a2be3303e30ac616
-
SHA1
c82ca9227bb4894794016728a35f44fa3a4168ba
-
SHA256
47fbd98ae13a0d5037340b6ec518d81619906af48756ea5426f2fa156efb5e40
-
SHA512
b45d563a956ca792dfcd9dcc3e16d4742e08ab5790e1c440f5bad21b3549955859b3c8b81bc6cb6fd6a8c728d203b12bdc7e066e692da45c2da8e8c463877659
-
SSDEEP
12288:Wq4w/ekieZgU6KNg+bi2+i7bfEURFRlMa:Wq4w/ekieH6Dm9+KMMRP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\43C4.tmp"C:\Users\Admin\AppData\Local\Temp\43C4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe 15F21D71D2DA27893380226214FB119488F1F0E3842ABEFA8A96C83BEAE3BA51DF9F0D823A370D71DDCB6D30806BDD68BC6B83023B68DAF3F154EF6485936D8B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD51bd9ad17422b0ff8d4a617412e7dc948
SHA168519bb95f40b7f9b5fe14d754e38e90ea279d49
SHA256d2120db8e6ce17a4ec1575a329a4cac238ce7316f9afbb83035a8f7a848486c2
SHA512eb9fb3183d2d92787363a244068dea3f820df2ae5d9e87bb9ed8a85f48a0348bd2b407be403984d1ab2b87844227776c152601511c00bac13ccd9f92e8eae3c1