Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
15/03/2024, 17:30
General
-
Target
2024-03-15_33f40047ad4b06076569d2f5d8e530f0_mafia.exe
-
Size
476KB
-
MD5
33f40047ad4b06076569d2f5d8e530f0
-
SHA1
80e5aae188b2d50f9398069778e21816f9167366
-
SHA256
fcff911043092e3187b7e245d9a3ee3a3e1fcab47aa11c083634b375d505cd0e
-
SHA512
21d25ef7ee9443b599bff1bf2d3c5c2de2ed5802b37ec0debc6d426dfdae9044447496913eddc66ae45172208d475c50a1186b6876a5ace3e6583d2b8979848f
-
SSDEEP
12288:aO4rfItL8HRmb0BTMy/7AbqA/squR7K9wlsDpVFd:aO4rQtGR00DHd+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_33f40047ad4b06076569d2f5d8e530f0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_33f40047ad4b06076569d2f5d8e530f0_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1CA5.tmp"C:\Users\Admin\AppData\Local\Temp\1CA5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-15_33f40047ad4b06076569d2f5d8e530f0_mafia.exe 169914DF764951E695D9809B52B9AF40DB5FD37CD8171ECB42036F36D4768F40AC489AD7E0ACB457D0EE329D56AB199EFB50D145AC890ECDA741CE2628A8A98F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5368cf1454919d1e8f3d4a9eddb6a145e
SHA1b5b5ad1754a66e2d430d8a8e6112456e123a0d34
SHA256f3f5e82616aef29dd2d770f3e883803305bae938dedd9ee887bfa21ee9f21f92
SHA512f3a253c1849a0c55b87ada378f77f0718085404759cf86547114e117ee1adcf25aaab3873d3f20fbb3052141ff41663baf07b981c01e446e6e86be96419bd0ac