Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
25/11/2024, 19:07 UTC
241125-xsxvma1nfz 1025/11/2024, 19:04 UTC
241125-xqyddaxphn 1025/11/2024, 16:22 UTC
241125-tvbtdsvqc1 1025/11/2024, 16:17 UTC
241125-trtj2a1qfk 10Analysis
-
max time kernel
29s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
25/11/2024, 16:17 UTC
General
-
Target
Samppimafia.exe
-
Size
102.9MB
-
MD5
e5d776d0a738f622496507a407bd31a8
-
SHA1
379fc39a0b331b9892a886bef75b7d2f5f656816
-
SHA256
8ee9f9af08c9c58408503c08604f1af166620267e9e09f800c05e3257b5c147b
-
SHA512
46d427f5e8bc35d7ac1677add6e84461a12bd2fdb6b2398518341cba6c6f11c703d77c7490a5e2e23af258b2391ce831d130eda2170fc527081fcba549626877
-
SSDEEP
3145728:AnG2r7rS6xjKcBanL2qHO5iVAunGQbRe0zJcBVPZ2:vgnSWNaBHCin1XcBa
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Samppimafia.exe"C:\Users\Admin\AppData\Local\Temp\Samppimafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Samppimafia.exe"C:\Users\Admin\AppData\Local\Temp\Samppimafia.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.6MB
MD5b243d61f4248909bc721674d70a633de
SHA11d2fb44b29c4ac3cfd5a7437038a0c541fce82fc
SHA25693488fa7e631cc0a2bd808b9eee8617280ee9b6ff499ab424a1a1cbf24d77dc7
SHA51210460c443c7b9a6d7e39ad6e2421b8ca4d8329f1c4a0ff5b71ce73352d2e9438d45f7d59edb13ce30fad3b4f260bd843f4d9b48522d448310d43e0988e075fcb