Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-04-27...ia.exe

windows7-x64

7

2024-04-27...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    27/04/2024, 05:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-27_bfb829d49071d651b67062713746d729_mafia.exe

  • Size

    412KB

  • MD5

    bfb829d49071d651b67062713746d729

  • SHA1

    7d810d6de72d2be6048a83e6a7dcaaa743023947

  • SHA256

    f30f89040abd7f1ef3cf43ac0823e3f11f908821ebb7ec3914d5ec152e182037

  • SHA512

    c2f2ad40b6519639e54639844dda459f2051745357e8d1ff934dcbb15e3bd41396304baceb0fe06565fb7eb78ffe6fde3d37ba2afbfcbf7d335d62958fccd6c0

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnsRjjH8mR5m2OxPEfl+CQuyPqfMterExP:U6PCrIc9kph5ORjz8ooxxUQxLteoR

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-27_bfb829d49071d651b67062713746d729_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-27_bfb829d49071d651b67062713746d729_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Users\Admin\AppData\Local\Temp\9FF.tmp
      "C:\Users\Admin\AppData\Local\Temp\9FF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-27_bfb829d49071d651b67062713746d729_mafia.exe ACC54F2EF0705FDA6D1071542CCB926DEA3AE94BF1115AC748694AD6E24B9140903231D74864B8C1BD8F1F932BE4D43CDD801E62B08FCA0471A34A8CC04C57F2
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\9FF.tmp
    Filesize

    412KB

    MD5

    3e31db50e81f20c6044e406a8eab9dde

    SHA1

    ddb711ff8a1a8378e639ce45e816cfbe95c271d2

    SHA256

    4c8d548be9a95a53dac8023e5215c5b27e08cdc80dbeb9f1a0d26b6d1fafa109

    SHA512

    b6aac0d169b46017b58e8d54b4202bd21c8be26754e6ee35fda518463a7b35e5ec6d84e90521c85a02bff7900c597bf0913430c4fabdc72a0219b94045df5624

    Download Submit