Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
17/02/2024, 14:27
General
-
Target
2024-02-17_47914c8f51aa0c25df72997c56429a2c_mafia.exe
-
Size
479KB
-
MD5
47914c8f51aa0c25df72997c56429a2c
-
SHA1
9e134040ed52c91da9957d405b849b65adad154a
-
SHA256
7fea62c76b910a801480d2de7e3f82ac8b4c6de823780ec42952f3dc77cc1ecd
-
SHA512
49454f39f032c00161cd255b21575555eab72a0ffb6ecfdd10b03fdb235a452cedd11375e9ad43ca8a3e1da578bf3a77c179b553a73d5969eea3cb947647133b
-
SSDEEP
12288:bO4rfItL8HAsz0Wg0rY7+81IC0AbYqX4v08Nks75UO:bO4rQtGAszzbrY7/ICOqXopVUO
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_47914c8f51aa0c25df72997c56429a2c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_47914c8f51aa0c25df72997c56429a2c_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\37E2.tmp"C:\Users\Admin\AppData\Local\Temp\37E2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_47914c8f51aa0c25df72997c56429a2c_mafia.exe C1A80E0671B1304D8C6F07841C1AA621B350D8AAFCF30356B61C27D9EB1C9F2AD0EFAA95018D824730E2194B16EAE40204DF0C71AF5A4150B0B5AF0D7B835AD52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD595005b8df94e3100adb9c1405614b4da
SHA1d75bff741a6241f9bb942b051872651bdd13fb2a
SHA25660837a84fe0248551dd39fc0a7498fb178e948b89d0c7c58b61c1bc78a27ccc6
SHA51210aacba84ca6b1af50e62a61d1b60448e24d6a73e436bfb87576b958f90855a1e1cb1eaf4d01ae758a65e8a5c625a7bacc48779031ee5d7d4da9034f109679be