Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
17/02/2024, 07:37
General
-
Target
2024-02-17_645722dc64d4d62796798b6b31c6b6f9_mafia.exe
-
Size
444KB
-
MD5
645722dc64d4d62796798b6b31c6b6f9
-
SHA1
a283809ef860236dae995bb35a2ff4276d02fb8d
-
SHA256
93ebf73c79a9805032317306f421639ec989dac0defb5fb88b2a225fb06e4fb3
-
SHA512
e1f30fbf7be39b2e0cd57e55a0e7fb979707d02dbc3d8224bc1799f34ad43bfa085865f326523dc13d59de52f204588e70b571cdfb4ca6ff0e98865b43aab8b9
-
SSDEEP
12288:Nb4bZudi79LKBmVzkWcnvpDMxejcSmZiMA:Nb4bcdkLegkWSHjcHZi
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_645722dc64d4d62796798b6b31c6b6f9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_645722dc64d4d62796798b6b31c6b6f9_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2FD7.tmp"C:\Users\Admin\AppData\Local\Temp\2FD7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_645722dc64d4d62796798b6b31c6b6f9_mafia.exe 5246CD2005A71BA093966DE1A95FCC91286D8B15CF006781F2EBE527A9350325A9B8D720F1BA8584227D29AB7E6C3DFC9CDFF89FA0F21E34CEE6C000D5C4ED902⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD534429b40f10a95806a8f7f808040c311
SHA19485cef75bf9ae0eaa13e0a8d8be94da480460d9
SHA256d2410a656a89d65d920e2b1d22eb29fb448a9658fb1ffa62b1334297c0dcd626
SHA512cb389fd6ff62fddca2d58f04a56e8f4b8950cebc493410dbb9ebb167695af618450a0fb0809002644d0490f980eb2e3fa346474f25aab72f769f1cd025825008