Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
93s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
19/02/2024, 09:39
General
-
Target
2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe
-
Size
468KB
-
MD5
782c05e765c274498f75393bfa21ae6d
-
SHA1
df52dbe53c212d92dc9e7595d42f10159c4870e3
-
SHA256
bd82ee757c573fbf94d9ff745a78884fdaa17c33532586a843e199e3001280a5
-
SHA512
8f7a9dc15888833f7e66b3f4153fd215a1846b65341a82bc0ad7cd4faacc4127449c5a1a4124359ebec5ac4a38d343fa8266faeae135c6370d1967b0f67876ae
-
SSDEEP
12288:qO4rfItL8HGRcpmMRnx+GJHqs37bWmeEVGL:qO4rQtGGRcgMFx/Hj3umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3F1C.tmp"C:\Users\Admin\AppData\Local\Temp\3F1C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_782c05e765c274498f75393bfa21ae6d_mafia.exe 0A10686ACD0DAA4C724965726B0E1828B9C97BFAF0EB5CFB4B5309735F32E46F585594B01202E26847E0EFD26DDA4D2B06000CB37BDFAD14A1B37111B43AE4432⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD58231fe256fbc009926721e2a9a04eb35
SHA10e3aad3f9347a01355e63ab1265280294cf122d1
SHA256da697a48bc542cae15e1e1defaa6a081510d6f2c25f4b8bb1bf1ac0e487b18dd
SHA51280ceda2f98e6321620195684b864ecccb9053bcf624d79dd0c7cce4a9d843a83965fab31695eabdae0a2f7c9c7e5a96694e383eecff1b88158dbd9b3dce018fc