Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 01:34
General
-
Target
2024-02-23_4b449e2cc2e8219cd2feff38ed86529b_mafia.exe
-
Size
433KB
-
MD5
4b449e2cc2e8219cd2feff38ed86529b
-
SHA1
42e5c72c4d96055f69614a6538af9b90260b2d33
-
SHA256
49545ecc3f92014a467cb9adec4071e0d21738d7617961c7abe0606ae31119f4
-
SHA512
0dd6cf0c280b83224290b521c7c27e26c8cac840abe230763a6fea959d981baf25b5b76cb6b25964a64b93b04c422cc42c6cfbd03e7956c5d05a6b48d3ead5c7
-
SSDEEP
12288:Ci4g+yU+0pAiv+tfev7V4BBKAkHb+BC4n:Ci4gXn0pD+tGiQAQLI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_4b449e2cc2e8219cd2feff38ed86529b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_4b449e2cc2e8219cd2feff38ed86529b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3D95.tmp"C:\Users\Admin\AppData\Local\Temp\3D95.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_4b449e2cc2e8219cd2feff38ed86529b_mafia.exe B72969AC4E661F133DC7FADA3F6010E6340025533165BFD0D02335C093E3134DC3D02D6F22AE5B35EE7BB7D31821A3EF5E2936CA8B18C6863A3E68362F1EB13D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD50e3ea841286167bb370a8d414c0255ff
SHA1f2ccc979ea294209ea468fcf89050f7405264dba
SHA25622ed823a6525c8ea15ee47d0119bd71216bf8c8d44abe807728390ee3b0e5ef2
SHA512d6193f8492f85e739ee4a3798db8141c5f863ceb1db4038697d95888a5e48597a7a00491d0974dca038e653ebf065e26ca9d8b7b92f82fb7c4a7330e45454ee5