Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
15/03/2024, 00:41
General
-
Target
2024-03-15_87360e8b8f6d1f1678f7dc696a3f699c_mafia.exe
-
Size
443KB
-
MD5
87360e8b8f6d1f1678f7dc696a3f699c
-
SHA1
b926c0297dc7916e481053706c0ef103a8b1bd08
-
SHA256
feb24135ed54070887ad6efe38db0c7b4897b68838603754d933e9251bb59f10
-
SHA512
5b58cdff30e3b796b08c28a22c7b0c47dedff4fd0bb54dc8cb4076d08ac820d40739dcaf047fb930bf17c54b3c27ae967a8bf644a28b68208cb4a7f23b4ba1a8
-
SSDEEP
12288:Wq4w/ekieZgU6UP/yo8L+HKlfcvNM8XlMa:Wq4w/ekieH6CRqlfcvbP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_87360e8b8f6d1f1678f7dc696a3f699c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_87360e8b8f6d1f1678f7dc696a3f699c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\33E1.tmp"C:\Users\Admin\AppData\Local\Temp\33E1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-15_87360e8b8f6d1f1678f7dc696a3f699c_mafia.exe 8A157BF8588199B82307897B973E38989C59736FEF4EC22FD1923DF0A85845E8C8E38AA29CCDD236E62F23C0AF8233B6CD23E072B4331D96983F5F23E86497CF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD59f96bb9135c28848958a375784487264
SHA1458443a9740abedb1196fd1dcf89a57eb829f990
SHA2561aec788ccec335246f3c69c7f26f241cbb1fa1ea257578b65d6e46452c1e66e4
SHA512f303da7cfd9bfa8fb9b8a2877a6220a4d2772d00249aebb2a95bfcc860bf36ade1b2f1bc26edc6a3085c4aadb040579136d286f234c4c16e8a7e84687eeb66a1