Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22/02/2024, 10:00
General
-
Target
2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe
-
Size
479KB
-
MD5
b633ebef3dd0c5764a237fb087ca79c5
-
SHA1
d6b319ed74437323980cdda5e37e7eb6a5b8b4ab
-
SHA256
955afdf76ca49716ee71d6e9925fa80233e10d54711927b763f14c779f03a725
-
SHA512
7ba89cd4b2fe08c30b2d9f2013415210a319d5abad490b10aace26da3931af876faebf780a434fde8710d09998a4fca46d02b734e1669da9c4324e766d7f6ff3
-
SSDEEP
12288:bO4rfItL8HAmQbokwnVJzLSNHgmk94Gj2h75UO:bO4rQtGA3wnVtmAb43VUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\46EF.tmp"C:\Users\Admin\AppData\Local\Temp\46EF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe 773D5032237F8726FBB7693E578001AD2A0D70E9AB0E273AB66395A6D7AEC19239C09FD078957E7BD32C1A351237F209782493050623F38DDE595050F9E7D2202⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5bd6715e09d895ede33538c07e733c7bc
SHA1153c7d33185d4c59f5ccf49aee94fcba3fa9f2bf
SHA2565f3f2bd973cc0b72a2d25bc3168ef876dc4c5f2bced6c4e4d24f0d23ebeb6182
SHA512e13cf80b4f030cc6e26bf053cc4640ebbcff42bc87f2426e4cb6b19c74a79038661f7e5d5bf4238140597c0bb2b1a9686fc04d5f074e618ee564e39c2e4b287a