Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
19/03/2024, 21:33
General
-
Target
2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe
-
Size
428KB
-
MD5
7f20bf42b5519830b72a8e93e876a7fd
-
SHA1
69d23a81bf58c3f7acacf42567551fb4782f66dd
-
SHA256
855d6e1ff4d9612a80d830ce40c579544e623a1f3fbd0bdb1a9636c3412b9e74
-
SHA512
d28814b99f637a821ed8a8c1ec8e339923d0c37f2aa301aafa0759f9659fdc6905c90399dc74653f098ba4c07500e2858611f938a17374999466ded56d81f3bc
-
SSDEEP
12288:gZLolhNVyEQVdsiAmHEUr0dMEBuurPkqHR:gZqhOEyA9UWBJb
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1A16.tmp"C:\Users\Admin\AppData\Local\Temp\1A16.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe D924FD13BDBB21C7B6F77FCDD9511539CE298A817A2EA61BBD304D87A2D1C7DC56316BAE476303C0F73CB67F355A18FA1F17B15A8D531CAD7DEDE290C142391C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD56701528ff33753c4a541458e3ee5bc4e
SHA13fca7a97962cddaf32f4beef51bf3e1700c11155
SHA25652aec01683dcbb11de4b3b7db700ba93aef42f3a0a24971b44f2ad6ea285d9e9
SHA51274b54576e5f8c2dec1ea1d9743c723785e517c75a560fb74aa5f1022121877440b0c058337b98ca97494a8b623193e37bff98f6550b4bb267fb05f2edbf44fee