Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-29...ia.exe

windows7-x64

7

2024-02-29...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/02/2024, 00:49 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-29_ad4b5d79573f212c9eaa074230b46da9_mafia.exe

  • Size

    384KB

  • MD5

    ad4b5d79573f212c9eaa074230b46da9

  • SHA1

    42e70154c8c07d16f0d0ea1c68d822c231ad20e6

  • SHA256

    8e7117c7626fcae10c2ef29c8a53ee5092ea212dbd82eaeb3226b282555ece27

  • SHA512

    75b64bb0ce04651e63e740cadbe80cb3e4f5966852a0c0196f9abe080d6a748ae033ebea76120818990e156346649137406b17be40b463de0f05896762c993f7

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHJDJdfXKZObGeZUqNPgIuJG0HPSL5mO2iUBCos0d:Zm48gODxbzrJRIOJUKgXDw6WwZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-29_ad4b5d79573f212c9eaa074230b46da9_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-29_ad4b5d79573f212c9eaa074230b46da9_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Users\Admin\AppData\Local\Temp\1832.tmp
      "C:\Users\Admin\AppData\Local\Temp\1832.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-29_ad4b5d79573f212c9eaa074230b46da9_mafia.exe 8723B29926D719AB695F8D03591F5E5CED0A1AC101A3E088D792C8D6868486C73417668FB6B29A36951AC0C30698CD941A9366E3A66C140C2796E481B063ED7A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1832.tmp
    Filesize

    384KB

    MD5

    d7b4840f24f11b35061a4c87e8b8f797

    SHA1

    1b9f98c91aabebcddc632c84d716862f1212fa94

    SHA256

    69a7fe95b6c52301654cf0e07fe28fae48f7d587e84cb969a2efed02abc47124

    SHA512

    836c6147ea83116e10dd226bd2c1665f02d41214a71f7d17598ab5b94e1cc4f7ecc01bb87a2101e8d0cceb948cbc15e542686f2d5d0619b7f980aa78df166abb

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.