Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
05/04/2024, 03:58
General
-
Target
2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe
-
Size
413KB
-
MD5
97ee8b54b9dcee78e935dd9198fb5542
-
SHA1
060aecaaea4370b43c0048eff1795f16f3aa37a7
-
SHA256
473d0c072a8127cf9b7dbdeed3b192067409c7b51bf333437c70760f4dc62126
-
SHA512
30e763bef64d8619d405c309608f561cea5f9476cfbed7b883e84b3661c42888d62c1b8b4f8c20cd7160ff3f4d0a37475959177847f20531180084e3fb16a5ce
-
SSDEEP
12288:gZLolhNVyE0cBvEZVbZhFQLKxVvteg0xy0vhqHg:gZqhOE0cBcrbRMg0yMx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\76F4.tmp"C:\Users\Admin\AppData\Local\Temp\76F4.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe 1343B96630B4E246329699EB3C12B3607D2C8CAA943D9F7EB91B0F528135574127ECB6586C3642F5122FC2DB0FF2A750412FEA5B511F6D08665FB836232421102⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD533295ff49ffef2883f3d5dd99a1ce1ac
SHA1f50807525d96bfc6b5c72c99daccaa8289da9490
SHA256a009ca8c1ce2189d1d90f0ea6eb500b00f5188940d3029224a28f87577f1b3eb
SHA5122da669a7dded243fb00bfdeaee6a85ddac18cbf03a370177c5913ad55138758fb7eb29c0b9225df6a7a4b531808dfaf3d84a31672d1572acb45952dec86e0771