Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
17/02/2024, 15:31
General
-
Target
2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe
-
Size
479KB
-
MD5
8347048b44d03fbf8b8cf77923d25883
-
SHA1
6c5f05345bee228f443734a5216224b4a2b552f0
-
SHA256
35c3e428a363f4648b556834bfdd9fea477a48e85ffba31c2fc1b11c84ea8cb9
-
SHA512
0a56a3418899a95476ee27f8effebabc4ad52a4c61e13ed66e57dbe07660ac4912a15c7b2c2fff99e5d13b563358a7adc545a8a2a13219a7fdb75c0da20abcaf
-
SSDEEP
12288:bO4rfItL8HAch85vG+8d6SUPczJw599YdTY/bRy75UO:bO4rQtGAchie+8dnUEg9x/bsVUO
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A2E.tmp"C:\Users\Admin\AppData\Local\Temp\A2E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe 699337CAA1F8D90F3AA98F51F662D3407250786C3D0433DEE318109A55488A4D6D797F04409346208CF2133D2491E761061CAE4048376E0AD542AF6E8769AB632⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5e9d76cacaa1669b8558ea2134b6efe3b
SHA166a80429eaae31feab930a6ed3afc16b6202a4e7
SHA256ab404f03819ca5d1d3cfd9f66b4009d82ab3733105df4406ad4c96701b7c4a31
SHA51286590618b924887f5cae49e6e7aabaeed33352df54a925c3ade830e8440f59d851290c5cebef421459f5ecd4934f05f7cbb2466e58d4a0077cbd34a2ea210fcd