Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28/03/2024, 14:32
General
-
Target
2024-03-28_3fbfa5d7107595cc4f2aad62c1b37b06_mafia.exe
-
Size
473KB
-
MD5
3fbfa5d7107595cc4f2aad62c1b37b06
-
SHA1
433ce7c1695b181fbabfa346ddd876fa46176e54
-
SHA256
430e4cf1a722458b8b86bd3a972e8f0e617c0904a49cdc936b7f9cc4e2b39e7f
-
SHA512
7d5086bc16c4bf6b7003b03f389ebfa53ea3ed879c87758407f96fd879f7115f28dedbe60a44eac58bde66e3a478a521c920176ebf60b8ea5ea02c786a80712f
-
SSDEEP
12288:Nb4bZudi79LloLQl4kX2sykwWCtuKFDIFA0a:Nb4bcdkLlpXfvKi0
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_3fbfa5d7107595cc4f2aad62c1b37b06_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_3fbfa5d7107595cc4f2aad62c1b37b06_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8611.tmp"C:\Users\Admin\AppData\Local\Temp\8611.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-28_3fbfa5d7107595cc4f2aad62c1b37b06_mafia.exe 4ABD4C7843A5551B75065F788D10337B4D869748E15D7C2110F9B1D22EDB41688797BAB1882747D02859142E12DA5318A146536B63FFDB292EC85C32C2B69BA22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5432b6e5a0d7f2a57852bd37086310035
SHA1a5893720a2a364bf7f4af9c5c0ab0955163a7abe
SHA25649db7ee531e09a3075851562ed8e5c7dbb0d6198da521b5a5309cd27c0233864
SHA512b3c0299cdcbe72d12a91de47824c07fa744b8fa5b58b09c5d1405b6786c347d6a0837bfbfa58ba94153b86603d18c79d8dda86315296e08e74e88ecdb92551cb