Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-20...ia.exe

windows7-x64

7

2024-02-20...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    20/02/2024, 20:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-20_f4872021778f0f0c8cdeeadf7f3dacb6_mafia.exe

  • Size

    411KB

  • MD5

    f4872021778f0f0c8cdeeadf7f3dacb6

  • SHA1

    ed5ce574d60c1d3d167bd6c3a338cef925866795

  • SHA256

    4448477b9d882311c5dffa603d570c0fb9e1f836a8ab580b4d9cca502bd5c323

  • SHA512

    ca7da35c79cd5f474e2790de685674c67e09afa4b6968da35bedcf20e032cf2f95e0dbcc8a1fbcd5c17abff1367b4d71f0823638e83e481accb27d23d59b9605

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFGm4w/duxDOJw7wkq3WSSRmbzDl/SqHI:gZLolhNVyEtu/Qx6Jw0XGSSYzxSqHI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-20_f4872021778f0f0c8cdeeadf7f3dacb6_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-20_f4872021778f0f0c8cdeeadf7f3dacb6_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2756
    • C:\Users\Admin\AppData\Local\Temp\3C93.tmp
      "C:\Users\Admin\AppData\Local\Temp\3C93.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-20_f4872021778f0f0c8cdeeadf7f3dacb6_mafia.exe C100A3188FE17E87FA71D7DEC41C78CA67B1489FC7A56EB25AC025FBCFA954313FA81F287FF7BA3AE3B72CE3469B46B058AC59B40A26A1D83D3051D86DD87202
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\3C93.tmp
    Filesize

    411KB

    MD5

    61a58697b0c8af395620356d21cac4ba

    SHA1

    42135d4ccf11fb6c7d7d6486d55cafe640f54f0c

    SHA256

    1dde5ee608dc785d678f0aacd2faa203260c947cd681230fc3c0e34d8699519f

    SHA512

    47ef110b45b583f819cb2df19edc9717dbfd86a6ee1f0aceeaaab4090a25806a7b67c9e12a8f2075a3e1af39d59fca13de8d730c67575932f3915fd6ab833d7d

    Download Submit