Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
93s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
13/02/2024, 18:21
General
-
Target
2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe
-
Size
443KB
-
MD5
db0ba0bc62d5afe4a2be3303e30ac616
-
SHA1
c82ca9227bb4894794016728a35f44fa3a4168ba
-
SHA256
47fbd98ae13a0d5037340b6ec518d81619906af48756ea5426f2fa156efb5e40
-
SHA512
b45d563a956ca792dfcd9dcc3e16d4742e08ab5790e1c440f5bad21b3549955859b3c8b81bc6cb6fd6a8c728d203b12bdc7e066e692da45c2da8e8c463877659
-
SSDEEP
12288:Wq4w/ekieZgU6KNg+bi2+i7bfEURFRlMa:Wq4w/ekieH6Dm9+KMMRP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4769.tmp"C:\Users\Admin\AppData\Local\Temp\4769.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_db0ba0bc62d5afe4a2be3303e30ac616_mafia.exe 28B8EDF494D1DE67BCA18179ADBBF773D249BE53495F1E4CA4F4F952313E61F1847A1CD00EB9D55C1BC05205190743A84A93DE7C8B4787DDD774D0374BE58E0C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD582139ab367651277fb0e55962d4ae527
SHA1049ff57a55fc5a4c49bbcb61574b4c69b122373f
SHA256e2c3b901beea9e7c1676bc789f2ae23a1b352aa0b78c9576da9187566727323b
SHA51270ec4ffec639fe047ebb2316ff1076a15d4fd2beef6b058480e7ee87442bfbf15a505dda64dd5bda92154a711d7f1d397e5549e93b8b576dd4dbfc7662b376ff