Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-04-18...ia.exe

windows7-x64

7

2024-04-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/04/2024, 22:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-18_6c312734af657e516a19ed945335548a_mafia.exe

  • Size

    479KB

  • MD5

    6c312734af657e516a19ed945335548a

  • SHA1

    c4e179135b9fad51c8bbc6c93434620837366e07

  • SHA256

    82cc042b7f25c2f7401c18340d7911f29a2208fb5731a5a25585a6947dfe98e3

  • SHA512

    2d0a1d43b864692a642261830b185f7df031372e79070245c37d5b80d4fa9957e9991c8b01da071db7fe67697dd283d35ea0cd012a58aa3cd9725bc26e76fc6e

  • SSDEEP

    6144:b9EyS4oMxIkjxcWqHtg88HARRJvP9VZ9raX3omshq6ZIhGoDxBYPcsMXbHb75UNY:bO4rfItL8HABvFteUq6ZuG0ey7b75UO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-18_6c312734af657e516a19ed945335548a_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-18_6c312734af657e516a19ed945335548a_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2856
    • C:\Users\Admin\AppData\Local\Temp\2D1B.tmp
      "C:\Users\Admin\AppData\Local\Temp\2D1B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-18_6c312734af657e516a19ed945335548a_mafia.exe 3624F9F71293E55A2B40B9B5F7C14BF5C744E0E8AB10C857712CEE56D95C05717406B1F56AB24EE7BBF8064ABEF3731D35C9A7EF650DDDA9E5829DCE8284E12C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2D1B.tmp
    Filesize

    479KB

    MD5

    84b12e8afa0f33b8f79ea4b1d28f2718

    SHA1

    653466686a849d8f57d2b946d52e8387e18b953a

    SHA256

    960c65f175c3505896da26249a591f3e21f9552015b37bd503d470fe945c6e91

    SHA512

    a35790696bd0374eef003272d4c116687c47ceca74e551b027da999d7d068c8284754814f203a2996792245140382ce0a478d7b1042a35e1460441e0d11169f6

    Download Submit