Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
-
submitted
31/05/2024, 06:56
General
-
Target
2024-05-31_8785c37eb60f86e7d0535402e9864748_mafia.exe
-
Size
428KB
-
MD5
8785c37eb60f86e7d0535402e9864748
-
SHA1
09acd04f7bbe760eba91aee5e5ecce0c572a524e
-
SHA256
b4ad73d42c7afa30b42b733abc50ebd82bd683941e7b1ffd320ebf2f3a1f9f95
-
SHA512
27247d1e5810583279e97e9f0122bce492a3c2f64b4cca912d1614efce6fccc7b6bc912fbb6068750cbf57eb0fa9aa0274ebedf5f9ddc57b4239d9e6a05f491e
-
SSDEEP
12288:Z594+AcL4tBekiuKzErEuW5mzdNy6pTKmyIYPQcul:BL4tBekiuVrEuW5i/pt5gBu
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-31_8785c37eb60f86e7d0535402e9864748_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-31_8785c37eb60f86e7d0535402e9864748_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4A2.tmp"C:\Users\Admin\AppData\Local\Temp\4A2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-05-31_8785c37eb60f86e7d0535402e9864748_mafia.exe B2F53B115CAF198B167DEACA4534CE2B977D96FBEA3BAFDFD76531D43E943593CB82A1C441048132390FEB7C07EF76E05C4710EAB0FC3642A656CC4E64F8BFF02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5b11d719f9aeda363b3321118a2021b64
SHA1d60b49d04f46a51cdde443d241d6a21c01084935
SHA256aec6c25fe8cfdc2796f800f7a667db8fbea50bd55be0a1722cff9f4c6caf4b0f
SHA512436433fd942a8c6ec845dd2176f61f7c63683e0e7b5dbc3dcce5714758dd9300a1e409c72b582048cc23f7d1970aba8d79d178867e34845fe96527483b4773bc