Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-04-28...ia.exe

windows7-x64

7

2024-04-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/04/2024, 12:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-28_27da19aa21fdbba547c5d1c40baf4512_mafia.exe

  • Size

    412KB

  • MD5

    27da19aa21fdbba547c5d1c40baf4512

  • SHA1

    172b679f7de8872871d4156013edb6aa1230d97a

  • SHA256

    37f87dc76d65404fd2f977b64ea92f9d7c3b97fa35696b147e885aceb392b909

  • SHA512

    1d010a543bcc006c581d050031daa24d39baf5d271bd0415c4c4ebfaf025a94222aa16c7b1cdc37f9bef9eeca23e4c1f30afc8bdcfb83640cdd46a525f5f8db3

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnWihVYVNW+OrgFPhaO/Pv//Dzk7dSk7Tmz9TP:U6PCrIc9kph5q3OrgqOvH0hPmB

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-28_27da19aa21fdbba547c5d1c40baf4512_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-28_27da19aa21fdbba547c5d1c40baf4512_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Users\Admin\AppData\Local\Temp\1D60.tmp
      "C:\Users\Admin\AppData\Local\Temp\1D60.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-28_27da19aa21fdbba547c5d1c40baf4512_mafia.exe C01596E445DB709CF5A90E529BB1AEC3F6A7F6B2FF74172D622D0B8FFA5C0C34BA4F14F10D4E45AD3D46CAE939ED47768A22CE00DF8347576DB513398E282CB4
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1D60.tmp
    Filesize

    412KB

    MD5

    2484e4d76816fab7027b3bd16a1fa30f

    SHA1

    690a96a12390f6d450b3ab3ab26afb71420b856b

    SHA256

    53c8f6218875aff457b574ab5dd3a711be074c3aa8aab8bdeecbccbc33a0847b

    SHA512

    7753304283f9ad20c6b88a7c1b8ef5678765fcfbf5f032d8dd8ab31aa348937495316bc208285587fdf8fdc1c15e69835c3ac9b0015fb31c47ccd05e74973d10

    Download Submit