Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-23...ia.exe

windows7-x64

7

2024-02-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23/02/2024, 12:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-23_bfb879109ed344daeb7b737171441b0c_mafia.exe

  • Size

    476KB

  • MD5

    bfb879109ed344daeb7b737171441b0c

  • SHA1

    751fbb8f0ed0ad90d66fff2e4f198e7f60727e95

  • SHA256

    bc384a1ac8ddaf4fd6e43ca5a909daf142586c508b4391ed12eea423eab97e01

  • SHA512

    3ff6c11cf6a9da0afe616e0a3e8516d6b6179ddd62b7ec86e3a19a0e0a3107e9be4831b55044e3addcb180cecf57a9d7cd1e37bde0e730fc80479d92100c364f

  • SSDEEP

    12288:aO4rfItL8HRoNXZUsN96K0Bkrw3d3d7K9wlsDpVFd:aO4rQtGRoNgBXd3d+9wlsDpVFd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-23_bfb879109ed344daeb7b737171441b0c_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-23_bfb879109ed344daeb7b737171441b0c_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Users\Admin\AppData\Local\Temp\5448.tmp
      "C:\Users\Admin\AppData\Local\Temp\5448.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_bfb879109ed344daeb7b737171441b0c_mafia.exe 7FD80E7213B9CB31AEAE4130234F33930D7855738051073CAAE3550A83D9CC3C907E9C3DD942A75A890621E54F0C7A7902142110C1606DCF8C99061B518B47A9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\5448.tmp
    Filesize

    476KB

    MD5

    1f592dd0d564c6c1c6cb4429abf2deb6

    SHA1

    d43f89ef8c9d601e888586b8bdbd363fd04d3ee7

    SHA256

    bfc624191f613f791721203291bc86852b058af9b414bcc0acf5827cc3baca88

    SHA512

    e94ee57998b0171e224728cc44143a8def67624f2bc5c6f9c25fe3b742ee5229799d42c4b035de1a169641e2dc137f33775b3ed36feef821b00ff4ecde2849ad

    Download Submit