Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
153s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
27/03/2024, 10:44
General
-
Target
2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe
-
Size
473KB
-
MD5
e26c4856c571b3c3a7d690dd7347c154
-
SHA1
741ccc3d33399d7592bfed9831dd22d0fe8ff6ff
-
SHA256
0dde68495dd108dba66cf4260ffc25369fb84676c3005fa33f1bafca1e114d38
-
SHA512
f1b3fb2d86f0477677da0c3e75c976334c65aea507507390085e9c1a991d8b2f6e1be71048f92533c4336c07fdb560509e72698699b7b30b3a47f6fccd0bc2d1
-
SSDEEP
12288:Nb4bZudi79L5tXssuPE5KjQrl+cUY5cp/tEpgA0a:Nb4bcdkL3csuM5RlmiYVEpT
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\AFE7.tmp"C:\Users\Admin\AppData\Local\Temp\AFE7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe 43465A078AC7CB643D136D6CD08C93833FDE1BB27C75E2DE1E38C3F7E19C32365044B4533C642B4E17C0E19B1562D83953621D9825AB4EC47F28635952AA4E942⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5c0cea97524a1de3c93e7af2a6e7082ad
SHA14dccf2e5c75fb5c1e6d4f2542e4d1461c27b0629
SHA256501d80ea5385e132a94d945ae8dd534bb07223b0baeb4b8e03f7ad32be33a9c4
SHA512c8de5d77ad284542ce1afd131ca0792960bc122bd86c8522ce3a81c9ea0e403c2eba9f4d41a5252aca81f13df4068d6d4a7c0e9d6b83e7ecdf5cdb86d2dfaf1f