Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-23...ia.exe

windows7-x64

7

2024-02-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    23/02/2024, 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-23_09288092c9a3708cd9afafe51dad8b73_mafia.exe

  • Size

    428KB

  • MD5

    09288092c9a3708cd9afafe51dad8b73

  • SHA1

    173eb3c461de9e5451173e077f1f1a10578124d9

  • SHA256

    e38cd8e2335bfbf23f722d3ade322bce9e9253463cd3a67fd743db225f5037a2

  • SHA512

    ef39dc3a1ad878ec8439f022776c948f73b2f5ea324b05c3364daaa3e1995105db084921dbe899769ef5e1b35ca5b937682c5cd13f9592a0967484349e8fefb4

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFzROMNBPle1E4dXVz99N+iGSrvx7cj+jrNqHR:gZLolhNVyE4lVkX3vxz0GrNqHR

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-23_09288092c9a3708cd9afafe51dad8b73_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-23_09288092c9a3708cd9afafe51dad8b73_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Users\Admin\AppData\Local\Temp\1777.tmp
      "C:\Users\Admin\AppData\Local\Temp\1777.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-23_09288092c9a3708cd9afafe51dad8b73_mafia.exe F0954945C18B944DEA2653104439097B6D4C47A645F8D32A7D11D03BBFF30323B2C356368152B01EA617BFE9C86C939CA2E48FF28A5376EA5084A401EA33196A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1777.tmp
    Filesize

    428KB

    MD5

    1765259aa2bde6c6d462526aa5c64e04

    SHA1

    bf42a9a8715b4ded8b46dc55e96ace8e4e4672f4

    SHA256

    7799dd97820203a544f56f852c7fa8e9489f3548a2cb2eb7397b071129370c7d

    SHA512

    5fb9ea1526a8c4c77a5213058df4723859092d96465f8e989237576e90128f28e62ee5458c482f21528569a596fe57b444467497440b135d97586eaff90bb8db

    Download Submit