Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-11...ia.exe

windows7-x64

7

2024-03-11...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/03/2024, 17:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-11_7badd29369c55044aaf11635f3523f84_mafia.exe

  • Size

    428KB

  • MD5

    7badd29369c55044aaf11635f3523f84

  • SHA1

    95489318c5566aa80e9fbae5732eab7e3865e572

  • SHA256

    da4c897a3c811af0505799e0a94318f5bd6b4e8b6b4f80337f2be3738c90b40e

  • SHA512

    78d7e1c1d65a4755fa91b15c58c782b38775ed6f12da4266098333d9e72e079199bfdd8530ae8a9b0f89ab87ce0599ea0cc427995f1ebe7d6929b046ec1756f0

  • SSDEEP

    12288:gZLolhNVyENtY1etddMkIzyWUEmtdNqHR:gZqhOE0SddMk016dU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-11_7badd29369c55044aaf11635f3523f84_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-11_7badd29369c55044aaf11635f3523f84_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:468
    • C:\Users\Admin\AppData\Local\Temp\6D02.tmp
      "C:\Users\Admin\AppData\Local\Temp\6D02.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-11_7badd29369c55044aaf11635f3523f84_mafia.exe 58B18A9842D204AFE6B35A63A623AE26B3DC4AC232D5708C12B8B3789D0B07B047F300C4BDA008250FBC491BAC6819ECAAF9D6780DBB82F53DEF689C6F512A89
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\6D02.tmp
    Filesize

    428KB

    MD5

    f892244b372a673fbc383a840479b2b9

    SHA1

    88f0369227ef3e78f95d9707bce0c38fcbcdcc03

    SHA256

    dcb6a711aadc6cdd950de9faf33bd51a0710116e23590577eb1219aa57074884

    SHA512

    32d987989c797d4198829d09cfe71169dff63a98ed6021b8151f9a9fa4e99e4356ca0eb126275c736a8671ec2c1852bf26712fe25e98a4b6fa8baac22a3f406b

    Download Submit