Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-28...ia.exe

windows7-x64

7

2024-02-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/02/2024, 20:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-28_65bc2eaffeee862960527d73797f72a7_mafia.exe

  • Size

    468KB

  • MD5

    65bc2eaffeee862960527d73797f72a7

  • SHA1

    cd10021b1cd6a7dfe5d1ad2d9018f0be09bf5e34

  • SHA256

    b563ca9ac073114f83beaef565b33edf94cf5d07654d9be870bf14939f266e77

  • SHA512

    1a7fd6865e2c939575af67973e126b8cc6432135b22f3cdbf6f80885860515478da24f750a8c1f01639b522369bef44c7739d81206b3491361877a730c279f6e

  • SSDEEP

    12288:qO4rfItL8HGZoB5Kb8SK9kLS6BMrCRZpjk7bWmeEVGL:qO4rQtGGFb7LS6BMrqzkumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-28_65bc2eaffeee862960527d73797f72a7_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-28_65bc2eaffeee862960527d73797f72a7_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4488
    • C:\Users\Admin\AppData\Local\Temp\5EBA.tmp
      "C:\Users\Admin\AppData\Local\Temp\5EBA.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_65bc2eaffeee862960527d73797f72a7_mafia.exe E11F0A4B46C1FE57C39C124E74CE416D85F9D0B0B50073ADECFB3D37EEE7EA5C238E0E5EDB06CFB8BFEFE146A71E984C32AB7238193D83DE23F90C3855F46052
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5EBA.tmp
    Filesize

    448KB

    MD5

    e70509aa443cddd0fecb1f6b24e40825

    SHA1

    4d73ee7338d05c6c4be69fa65d1b3988b5b85c10

    SHA256

    00257897a9085d55b7ff76a52b4b0e4407c07755a8838a10bbeb13c18e7b13a3

    SHA512

    2b493a6e40ace17fc302fcd5a2845ff4b3522955c8fa6d0b7b09cac70dda23a0c4c6944722a6abc2f99f1774b34e67b301f72bcdabfd8ee08b9d259b17c98c34

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\5EBA.tmp
    Filesize

    140KB

    MD5

    cf8aed3fddad44c35176bc651aaadb34

    SHA1

    9cd0b8c31cb65922d04e492514a183fd9e2f1d9f

    SHA256

    4567026100f38c179b463039d1696276748ffc81c6e8ad88fe17b43740b9849e

    SHA512

    ba0b1a202ae725d5036fc352f60b833c3beba25c1d5ec5a01fc69676cbd9216b7ac1fbc08c3df4f73316764fb739a1888ef58ae91c425b217b1fb86527c1974a

    Download Submit