Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 08:31
General
-
Target
2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe
-
Size
444KB
-
MD5
a07e6ec0c604451df20bab5e8a004895
-
SHA1
4cc5c68f6627bd17cc61599c393eb409b85b07e5
-
SHA256
fa9ecfd5e3d3ade8d0d71676079e79fb33d9c6bec5ca095bdde57fd05fd60c85
-
SHA512
1621a975947a843c806a07421baa17ffd07e60f787bfc13a65f520f7f206a24a895b3b99fa130b18b7f37c8b90427a3030df6f6133b91e1ae2349f349414cfc8
-
SSDEEP
12288:Nb4bZudi79LSuCex8kxXrq1CfMt3SBvVaA:Nb4bcdkLSbLkxXk+4S
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3CB2.tmp"C:\Users\Admin\AppData\Local\Temp\3CB2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe FFA0DA54A968D4AECF075787F03CD2C568EC6C86A0AECF14A69AB1975A93FECFCB4DA419C921416DFD02D9860267D5F60E65FCED40252C08A64D45355E2C6D1A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD582b0c03ad6e7b137ace3c314f61ed0d1
SHA17ec75e0fe48f95b5f7c57b06ab8f58d35de667f8
SHA25610d56ef4f37d30f42731e626db35a5c1294d9e2fcf0b6fadc8d23afb48a032a7
SHA512dad378822b009475e0ac05902ec17c70e608af199879f2fa0f174edca2f55875ab917979d9579ef9552d460387081a0b9473dc79aa3b11b52ffff8dfd1e946ad