Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-04-16...ia.exe

windows7-x64

7

2024-04-16...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    16/04/2024, 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe

  • Size

    413KB

  • MD5

    5e180d5327fbafe9059fb3c791fe9a77

  • SHA1

    5aea38ac8eb1bf15fb567480f8bca88d9c3f1e68

  • SHA256

    057ae3b998a657ea79e2462f0ad615cc2060634ee2c3e020cc00f07a3a69fc59

  • SHA512

    1d2b68587f31c12f80b19b649c4dc35c3e4d31a9ccd678ec725ed15b14b594db7d175e6e5c42911cae6e2f99c458e87bbcad6179b2f508f2166594f9ca065b24

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFS4y4sckcGykVnXfXpQjI10RzKBdqHg:gZLolhNVyEwyqk5zVXPKk10RMqHg

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1500
    • C:\Users\Admin\AppData\Local\Temp\8611.tmp
      "C:\Users\Admin\AppData\Local\Temp\8611.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe BBAF5C07A780816159D414B2E4A2388D5CB50B0CB48E8558BE4E095B2FC56D249A9F15BC54C861818D15ED78D2454DEAA2267A4686CA054DF10B62E5C84AD4E2
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\8611.tmp
    Filesize

    413KB

    MD5

    15a2fd68700b395f4c94eb995666c796

    SHA1

    5c902d20c89b739843d2d5967b0c0d3379bb487f

    SHA256

    f6ea12fc29c466ae727f635f15811ae129212e44c721fe7073050ca109c10785

    SHA512

    d3802f172c56f2cd980735d132b65eff44a62d5a25b56b02da8a34bb4ccc430b436cc17afe68b14d613fc2895530c03f451804ac001375eb4bea29400f1143a9

    Download Submit