Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05/03/2024, 14:47
General
-
Target
2024-03-05_bf2d2360a4b54f64fc7284a7ccabbd04_mafia.exe
-
Size
411KB
-
MD5
bf2d2360a4b54f64fc7284a7ccabbd04
-
SHA1
f40083d7ae39e0f58ef7ac7ccde68f8740fa2433
-
SHA256
98dff46683d084a93120110687fe4f3b8d26b2aadcb6bebb4df081c94393b5d2
-
SHA512
2f250aa70c63739f650a398c0948aa65979d3e1168e3609a4997c782df15b7f4f787377c2ef989a0b6f59d2e4eb11ffb787ef44b68326090b5cff7215cc2c060
-
SSDEEP
12288:gZLolhNVyEaOqvPVWLLRcQVJci/cKgKqHI:gZqhOE/LdcG/cKg0
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_bf2d2360a4b54f64fc7284a7ccabbd04_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_bf2d2360a4b54f64fc7284a7ccabbd04_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\BD64.tmp"C:\Users\Admin\AppData\Local\Temp\BD64.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-05_bf2d2360a4b54f64fc7284a7ccabbd04_mafia.exe 90E056E405631CAEB32ABBD9692C061C9431F7CC182DC638D4AA3221D20E45F12202B0D50B391C7DB54D4B5408B645293A66B85DD3D016026C58CD221BBF9DEE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD51845e663d2c3df4fa1b05adb98bb6e91
SHA153a0fff1dbb7c5b7c7328976b7b7b5dcdefa2cd4
SHA256e36047bccce98daa4c7a944d6519e317176f7c42d70ccb2786a23f6e7898f99b
SHA5128ccabc824a9b76a012d889e873820d9641761b43d4a36d2ae0e42b9aacb46a435148ccfcd8c329ced7e0fafa87dfb51bbffa59cd5150ce1d5a66144de03689f4