Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
132s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
23/02/2024, 17:33
General
-
Target
2024-02-23_53ed8619e632550c4fcee476819278e0_mafia.exe
-
Size
433KB
-
MD5
53ed8619e632550c4fcee476819278e0
-
SHA1
62bab0ab00cfe5211091d804b9746b206fa47465
-
SHA256
8cd8407c0479411eea09d13d450280ef7772ad0e7e3e45bb28ab0751403f9d62
-
SHA512
7f3a8e9e9ee0014917c2fd6f62f473eebbba9a4e5107529832bd7d6fe866b432fa835c8ffa0c0f80fd5a5bd53959fb2d52dd5168cb48069e0ee11d51c19a8d0b
-
SSDEEP
12288:Ci4g+yU+0pAiv+yMZjdZqcjBVKJ+cnKEbLtTRNa0an:Ci4gXn0pD+yMZjecjBVNZv
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_53ed8619e632550c4fcee476819278e0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_53ed8619e632550c4fcee476819278e0_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8575.tmp"C:\Users\Admin\AppData\Local\Temp\8575.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_53ed8619e632550c4fcee476819278e0_mafia.exe 689D1A721A4786B80144585755DB773D7A6D80E9816E60BCB5CACD4DF4BB0DFEA7383FE4C1ABF461A565E75D968BD578600077554FA5E0960FF1A1349D1DD4292⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD506b3572067d2fa202e62756c01f0bc07
SHA18257783864f2e02efccb9965c85aac7a1c8c9a2f
SHA2569d5d4ebd52c628ac4af7c30d84cd8151ca1fa3ca65aff057d2498c19e760a65d
SHA512fbb6534e991c515ea155e3cf3beb848a889b7d377c791982ab74e67bf7cb877dc245fe33e8a13f5ba6bb523e517dabf39b9404ad6472169aa96c3a22b0d875c0