Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-08...ia.exe

windows7-x64

7

2024-03-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/03/2024, 19:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-08_fddb5a2cff9e52a119a0dd88b6d38181_mafia.exe

  • Size

    384KB

  • MD5

    fddb5a2cff9e52a119a0dd88b6d38181

  • SHA1

    4612ea3999f76ea9867a946a84fb07a748a3edb9

  • SHA256

    7a974844a1a9fc96db01fe497058d4d9bf353b2b5453b6c4f9eaf0a7b0a0fa72

  • SHA512

    0e9a9f70c4a0b1dbc94d384a736e526204e495bd1e01e59aa66b6af925130627f7fe9e6d7ace443fedd748a7816b075f766a1324c044d292abc4d03c82c42d92

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHfWQkg1QwsKzfCTqQmSPOytdJ1yMzlB04Z:Zm48gODxbzhLLKqCTmzytdfRZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-08_fddb5a2cff9e52a119a0dd88b6d38181_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-08_fddb5a2cff9e52a119a0dd88b6d38181_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Users\Admin\AppData\Local\Temp\6316.tmp
      "C:\Users\Admin\AppData\Local\Temp\6316.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-08_fddb5a2cff9e52a119a0dd88b6d38181_mafia.exe AB36C85C1B1100DA31C445056FE92D8348A4F7595CC8AF63632E47C3000488400725F09D73A74B46E348F2BDB91D361557774CA1FAEA1EFC552DFAB026BFA8A3
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\6316.tmp
    Filesize

    384KB

    MD5

    27e0257b40a7aa581559c4adbad64af1

    SHA1

    5f9df1d1787719bd6845a77abf017ad5404c5963

    SHA256

    c3f1a1d9665519a66193ad5e30cb02ba09cb700d415f093a7210bf1b4fadbd98

    SHA512

    7ed881d1ca4a6f0d3215de9900ad7a2213048bacf8bb05bd43ea42f733e15bd38ae0648eda5fad3d7bad5bc93ad8db24ead304298756a6585f1a7b7202bef176

    Download Submit