Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19/02/2024, 09:39
General
-
Target
2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe
-
Size
468KB
-
MD5
782c05e765c274498f75393bfa21ae6d
-
SHA1
df52dbe53c212d92dc9e7595d42f10159c4870e3
-
SHA256
bd82ee757c573fbf94d9ff745a78884fdaa17c33532586a843e199e3001280a5
-
SHA512
8f7a9dc15888833f7e66b3f4153fd215a1846b65341a82bc0ad7cd4faacc4127449c5a1a4124359ebec5ac4a38d343fa8266faeae135c6370d1967b0f67876ae
-
SSDEEP
12288:qO4rfItL8HGRcpmMRnx+GJHqs37bWmeEVGL:qO4rQtGGRcgMFx/Hj3umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2C7D.tmp"C:\Users\Admin\AppData\Local\Temp\2C7D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe 6DB8D78ECA8B7172E8846D37A1369BDECD63C7CE3D1F780888B64DF13A896197D8FBC16670AFAA486DE21F2ED22B63408D7F55AC5BB99F3B448FC3C71D6313892⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD59de72c1506b76301efa5a73f0101bc41
SHA12c5987f692614da85b29a034e270163c615bf800
SHA2561bc4172bc36163a635f8d67b60595ff4e7da69a09f38ddd00be17b6e560c8ba3
SHA51293d23bf7b794c1e3c867f8903d01dd539fa3a5aab56852a932bbcf2fb5854c507c8fdea2b6673d2a7a65cc65904f0096f31d9202f2e0c6ca4bbc06f913205320