Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
18/03/2024, 10:33
General
-
Target
2024-03-18_5aa048764b7dffe3c077b50252cb8ba1_mafia.exe
-
Size
412KB
-
MD5
5aa048764b7dffe3c077b50252cb8ba1
-
SHA1
c18d55af37c8822f48b1cc02b3305ac7317dd41b
-
SHA256
2f727157aa53e21afd5fabfd7a0b37bcdcfbc89ee0904b7acc2f417b26397f99
-
SHA512
f50f3038bfa012abab0f79c56ce49b30bba61cd0e9237979c66304df430ff3222d0d1d0176331482db4ccb7fa571e5f3dbf5d41dd246fd07f4ba7b002b3449cd
-
SSDEEP
12288:U6PCrIc9kph50ZONjqjBfGYSjNYX8wgHm:U6QIcOh56fjBeY4ux
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_5aa048764b7dffe3c077b50252cb8ba1_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_5aa048764b7dffe3c077b50252cb8ba1_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\12F4.tmp"C:\Users\Admin\AppData\Local\Temp\12F4.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-18_5aa048764b7dffe3c077b50252cb8ba1_mafia.exe 93B75D8B4F9AC86939176C61B0152ADFF0BD8E4C2131F68C1BA5F5D03CD6A532F5D093B85A676C3A01C38098DE7E98ACD7F84831B0BEA46413EC0E919146C1F02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5e4c472d2068a9e62f1f3e460a19628e1
SHA1db595ee3281808df02f83b75c5490b8daf683f20
SHA256d13e3b37e8b54b2fe9c8772c38993694a278e4f1b9e1678ece6c678a6baed632
SHA51280182fe890b1452dbbf02d0192baeff26cce4e973b41feb61a4407fbb41310b33bdd8698066468168aee10a256de4a75556d68dc710896c31f80c2edf4ba7ac3