Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
14/02/2024, 16:42
General
-
Target
2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe
-
Size
473KB
-
MD5
1bdf198c2771f63897825ef3c025a945
-
SHA1
ded8928724043650e814d072ac44e8b12ba3526f
-
SHA256
b8837a0d0312266de64a98e76f69c9a673e2b3c6674b4855b33fd520d8699a48
-
SHA512
a2fc3573850a07604da3d76adaa6afe403489d565a67c6ace57fe475d2a6dc054f3171da28b385b44f817d2a965570c48b1b4b4d178cd66d258430eb016d9a25
-
SSDEEP
12288:Nb4bZudi79LYcBDmPaVFDLysNkqj7ScNMEfGwLDA0a:Nb4bcdkLYcYyLVjjmcfJm
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4F68.tmp"C:\Users\Admin\AppData\Local\Temp\4F68.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe 315BA3CBBC6AA462855EADA0A010CA8D894C874A566E661DDCED6A3CAB58123C3DFAC7814E0F514ED92E82435E76520A343ED0276C5250EC95D5496D117417F92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5dcf883c03ea9e58d38842ce711891e6b
SHA151bdc749a02886628a6c8337c416507f2c4fb6c0
SHA25690db26a6c591104f1cafae7cd289506ae59f19b453d98d586275ba597d3d9ae0
SHA51278bc4a79afa54059f5f609b97cbdce207bf43c0aee80aea1a71bc4a4ec9715482d08f2a8a1fb35f241a80075825773ffdcccd3d58aa962c58d31301f0aca2937