Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
07/03/2024, 00:25
General
-
Target
2024-03-07_08b29e7688838ebeb98c07aaadb35bb1_mafia.exe
-
Size
414KB
-
MD5
08b29e7688838ebeb98c07aaadb35bb1
-
SHA1
b73cb5bd6dca55ae8289a7b36a045e8268339dd1
-
SHA256
2f9a49e1e8c1b172d6772b08b5a58b4531d874db152ffce2286a53a19db9466e
-
SHA512
48d22b21d19d4c64b4b620a052c092b17b011df3b273b8a2d72503b83c3756c293061e96d30a5f6f5d1bb472c363f05d1881fb94b1530525ed3e83cd472c8e67
-
SSDEEP
12288:Wq4w/ekieZgU6YVXnW/U2Ass+rvRZ2Dlx:Wq4w/ekieH6QnxFsz2Dr
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_08b29e7688838ebeb98c07aaadb35bb1_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_08b29e7688838ebeb98c07aaadb35bb1_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2858.tmp"C:\Users\Admin\AppData\Local\Temp\2858.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-07_08b29e7688838ebeb98c07aaadb35bb1_mafia.exe 0407C67B6D5D6AFBF42F461E93EE2BF7CACDF4C2554A06BD4874EE4E6D1FBFB32F20D0003305639B18837C73B5529BF92FA8DF6C4C8300553D239262A3AC675F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5c4640369ef7e3df2956eaf16a10e35c9
SHA106c3dc66cdb16143d77e8e1a8b5f37f43c0e7a44
SHA256453f54958f87076d3e7c913a904ef1bad273933dbb2c96e8470ec68f90e34d6f
SHA5126d50f328e7ced11299023bd2901cb5ed5489f40cfbdf6b8fa2827f87b9cc00dd60e5b4c6116fb09c44125b4d17118322f664494df59e9c1681e9da349ce1dd66