Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
11/04/2024, 07:31
General
-
Target
2024-04-11_34dd81d1b5b8af49d4376c5502c07b13_mafia.exe
-
Size
473KB
-
MD5
34dd81d1b5b8af49d4376c5502c07b13
-
SHA1
8e1f68bc67a52887c721148728d4ae2f2cef56fc
-
SHA256
470327d10e0585e4ca8239c4723832e519e6edfb3667c593f7e66aacfc08cbe7
-
SHA512
5e0c056290e8e51a9f216261b4d3cbf6c5e289b4c42830af2d11042cea59267b48916282c7bfb71a8e797a19b77fe2dbfb756a5e67b11e3a5ae754bd8cbefaaa
-
SSDEEP
12288:Nb4bZudi79Lk4KZlWqO6pkPZ2zCvutA0a:Nb4bcdkLUl66pdCW8
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-11_34dd81d1b5b8af49d4376c5502c07b13_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-11_34dd81d1b5b8af49d4376c5502c07b13_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F6C.tmp"C:\Users\Admin\AppData\Local\Temp\F6C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-11_34dd81d1b5b8af49d4376c5502c07b13_mafia.exe 0658F723EF760E1C80A5F352AC421EB01AD1684977ABFC74ACCF00254EE5AF62DB7A1AA09E6B8B295CDB97904E33940CDADC2A5C8C2A349CB068A45B908709572⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5809c35c5ecfa5cd6df587085c02a8f6a
SHA1c143c84f911633b1310a0edc87aa815344b986da
SHA25698c3128fc25ad731dbe79f050391dca9c17188319bc3fc468b0e9da24151db37
SHA512b20c8c429ca016f664cccff201f9b19370858608e69835a1408b4cb5fd49f72309aa7d8b5a2fdefbd9c019bea9d983e956373f9f843b3881f5247211427f069d