Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25/02/2024, 08:31
General
-
Target
2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe
-
Size
444KB
-
MD5
a07e6ec0c604451df20bab5e8a004895
-
SHA1
4cc5c68f6627bd17cc61599c393eb409b85b07e5
-
SHA256
fa9ecfd5e3d3ade8d0d71676079e79fb33d9c6bec5ca095bdde57fd05fd60c85
-
SHA512
1621a975947a843c806a07421baa17ffd07e60f787bfc13a65f520f7f206a24a895b3b99fa130b18b7f37c8b90427a3030df6f6133b91e1ae2349f349414cfc8
-
SSDEEP
12288:Nb4bZudi79LSuCex8kxXrq1CfMt3SBvVaA:Nb4bcdkLSbLkxXk+4S
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3AF6.tmp"C:\Users\Admin\AppData\Local\Temp\3AF6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_a07e6ec0c604451df20bab5e8a004895_mafia.exe 23A90CBA3ADF83C26BF2F9BB96E8A10B034CEAFF10C3B0C4C93B89C95386B08F14BB34CB57BC8572950467094B240DAFBEB9E8720B1541656D2CBBB029C00BCF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD590d70ac4bd34f242cf81ab383a1ba687
SHA10c0772433cf656bfe695763b22cd26d36be0fb5f
SHA2563fbecffd94db587ee2c60df6c3f9ee5696bee11f91d7d2717291cbc8845f1ef4
SHA5122af500c78c61129b88a97b826c4b5806392c3fcd5d4e8f15ffa5dfb6bc9aeda13a8211d33052023f046f051b37d7a7e543660df6e64832c2fe6c33f217cef5ed