Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
141s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
14/02/2024, 16:42
General
-
Target
2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe
-
Size
473KB
-
MD5
1bdf198c2771f63897825ef3c025a945
-
SHA1
ded8928724043650e814d072ac44e8b12ba3526f
-
SHA256
b8837a0d0312266de64a98e76f69c9a673e2b3c6674b4855b33fd520d8699a48
-
SHA512
a2fc3573850a07604da3d76adaa6afe403489d565a67c6ace57fe475d2a6dc054f3171da28b385b44f817d2a965570c48b1b4b4d178cd66d258430eb016d9a25
-
SSDEEP
12288:Nb4bZudi79LYcBDmPaVFDLysNkqj7ScNMEfGwLDA0a:Nb4bcdkLYcYyLVjjmcfJm
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A9BD.tmp"C:\Users\Admin\AppData\Local\Temp\A9BD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-14_1bdf198c2771f63897825ef3c025a945_mafia.exe EDBF7EE70E822ABDFC679EE9E26E3E015067680A245C30E60D032489A213487664713C35A471740C4A1DD8E8E53104DDCAD540A1F311CA26F9D41538800F5CEF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5d93a8175d0620a7df606046441888e44
SHA1149fa17ffb05cb10b189e331b41dc76f4100c2be
SHA25694312969653a603497b9e0e8933a5b02f54cc75d7ed4e0e204c9c7d4305aab0b
SHA512c0a802fbcbfff7946a60fad1cec21fa59df783d4cd62ec884cc41f847ceee3e628b932be8d8b02a4c71673bcb485c0bc600c49c7808e44a6a919db40cf116bfa