Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-22...ia.exe

windows7-x64

7

2024-02-22...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22/02/2024, 04:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe

  • Size

    384KB

  • MD5

    119756e107fba4f0db9fa13ab79367ca

  • SHA1

    653f0e7dd1e01e81da88b44011297108734bcd9d

  • SHA256

    7d444e6ea01adb805f939806f1d043f7714b953565dc3946faff5d678355042f

  • SHA512

    bc6379f63ee9ea8e6ccfc24ad930de80b1c1790bef95896a14b85e4c4a603382903260a4b1733aec4d4bcc042f201bc73ace85a5dd9c5c2298861b95b0d6e642

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHPIMuWKGSfAJzYPhyiXcXrdU4ljH3vRZ:Zm48gODxbzumKP42YiMXvjHpZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Users\Admin\AppData\Local\Temp\1E3A.tmp
      "C:\Users\Admin\AppData\Local\Temp\1E3A.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe A4A8CB37F99D842D6543F3F576EF7B9273AD9A079D2B8214A833E7A1177BF7D06B71C2E1EFF1D08BAE852F31E6C3E3870E5BB1172A13E15D7CE4E1E08D245667
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1E3A.tmp
    Filesize

    384KB

    MD5

    9b1af5c1f7611e564dbd3487ef1dc231

    SHA1

    da6bd0ecd1fdaec6bd5f7bd7bbe45ae25c98d639

    SHA256

    6383fd7a90fc18d737929cbbdf3f1752ce3069db62dbe7515084f058e2fc15c6

    SHA512

    9d8a9eb813e4ec39848474e7cb06714c9f7b711eeb231895ad306697472aeb1114419a2974c00060dbc015cc9485f296b499cada2f940e5ddabb6f128edf4904

    Download Submit