Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
19/03/2024, 21:33
General
-
Target
2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe
-
Size
428KB
-
MD5
7f20bf42b5519830b72a8e93e876a7fd
-
SHA1
69d23a81bf58c3f7acacf42567551fb4782f66dd
-
SHA256
855d6e1ff4d9612a80d830ce40c579544e623a1f3fbd0bdb1a9636c3412b9e74
-
SHA512
d28814b99f637a821ed8a8c1ec8e339923d0c37f2aa301aafa0759f9659fdc6905c90399dc74653f098ba4c07500e2858611f938a17374999466ded56d81f3bc
-
SSDEEP
12288:gZLolhNVyEQVdsiAmHEUr0dMEBuurPkqHR:gZqhOEyA9UWBJb
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3BC1.tmp"C:\Users\Admin\AppData\Local\Temp\3BC1.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-19_7f20bf42b5519830b72a8e93e876a7fd_mafia.exe 42E94DEC4AA7C4C806AE22F98C172E2F69A3C726BCFBB22BF7324D958DDA31AB1C1E284850D710E31046789654AA21D5A9B2C3A90CD47076BA982A6F2CB1CA382⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD535287ee6579f3af2d9c0c43a8f93a3a4
SHA1eb4cb887f11e035e0ff8d90f75217e39ae0cbe12
SHA256d3c865bcec53aa58922b745bf9cf3a6d6fc4f8f416ab4c8e6c477203e19d4c10
SHA512355302084d35c4d64dc403e75f169d38ac49352fbf22d778a502e4a07fca8e299f472cfcbc3d1e595d88fb3eebef44e2c120fe444250caa11e4ccdad423f0168