Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-28...ia.exe

windows7-x64

7

2024-03-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    28/03/2024, 20:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe

  • Size

    412KB

  • MD5

    da3b3335b722d31a97d243b5cb0fa67e

  • SHA1

    b53779714959d76e01b80972abf025efaf7ab918

  • SHA256

    4fbcf094cfd8d6d1aa856981c8039039468455f0a51fd66c4d1335294da1e9f9

  • SHA512

    4bdb55363f70e4153706671356dc0bdaccb3a9fe6e32783b477f3e2affd000095330b651075d206ce8afc97f830f771b7a08bfe322492beef15acbdf9e5bad0a

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnPQBDQ1FGC1vFbJ5gS69j1qWfFkUTuUP:U6PCrIc9kph5RQBQL1n5glj1HuU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Users\Admin\AppData\Local\Temp\1C09.tmp
      "C:\Users\Admin\AppData\Local\Temp\1C09.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe FD3B367065866F2F83723A9301DC9BE0E94B456FA09B67CA4E667B93F68D3E37BFE02896E380EC56BE649CA591EABA6F1014D37ACE6948956F1B54D0638233BA
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1C09.tmp
    Filesize

    412KB

    MD5

    fc768c1fa586ab6e17a2a8198786be48

    SHA1

    3cfdf2c3cebeb0a5f43abbb436cd36351169b79c

    SHA256

    25f5d7aee684b11dafe9d0db8e9bba2e644864d42c6ab746a2f57d6633267b67

    SHA512

    d98c2e30fab1428375bd0402e717d50af91abe2f46f0fab3b9101efba6c4b8386215806052d78536d55442b7a709cf05058e5f13109e3d564e514674391a87a1

    Download Submit