Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28/02/2024, 05:40
General
-
Target
2024-02-28_f046dca6a1b65218c8dbf50f334f699b_mafia.exe
-
Size
473KB
-
MD5
f046dca6a1b65218c8dbf50f334f699b
-
SHA1
875cbe888d13779f17bec035ebf2456255ee21f8
-
SHA256
08de48a5301f3124b33a27a0b2a545baf1476a5f3493248484c7cb6b96b4fa0a
-
SHA512
568486106b77aecf16cad49e319b16b3209fe57dab299d1947c5aa22b0ddb00af75129d04bd56974450451f576c0de867f54609f61ac14255136cdc9d9d4959b
-
SSDEEP
12288:Nb4bZudi79LhjeLzTDnTl49uBhyBd06q7hA0a:Nb4bcdkLh6PXTl3BS+M
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_f046dca6a1b65218c8dbf50f334f699b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_f046dca6a1b65218c8dbf50f334f699b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\58AB.tmp"C:\Users\Admin\AppData\Local\Temp\58AB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_f046dca6a1b65218c8dbf50f334f699b_mafia.exe D2F58168B7E78E92A792A5E4D71930C0F52E11D667AA3305DDB083B258672646C14327A0CF1CB954DBFBA2A2EF114C7FC6426506C7D7074F249F5854DA7A27AD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5121169fd6ee3e5899724fd33436ec677
SHA1348e658cd6907d5e75380849bea97fbe6f5160f7
SHA2567a438a64cba4c282f7deb2d5050fda9758ec3d8fa49d1a346cc303053a9246ce
SHA5129f235f7bfab74ba5280cc3c0feb7538d8c895f7313ce81372ae950905033e35d749fd18f09ac1f0856643e54dcb56abda95451f41956a9575c5a3a760b80303c