Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05/04/2024, 03:58
General
-
Target
2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe
-
Size
413KB
-
MD5
97ee8b54b9dcee78e935dd9198fb5542
-
SHA1
060aecaaea4370b43c0048eff1795f16f3aa37a7
-
SHA256
473d0c072a8127cf9b7dbdeed3b192067409c7b51bf333437c70760f4dc62126
-
SHA512
30e763bef64d8619d405c309608f561cea5f9476cfbed7b883e84b3661c42888d62c1b8b4f8c20cd7160ff3f4d0a37475959177847f20531180084e3fb16a5ce
-
SSDEEP
12288:gZLolhNVyE0cBvEZVbZhFQLKxVvteg0xy0vhqHg:gZqhOE0cBcrbRMg0yMx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\57E4.tmp"C:\Users\Admin\AppData\Local\Temp\57E4.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-05_97ee8b54b9dcee78e935dd9198fb5542_mafia.exe F65DB334377FF61DEA709FE2F9F9E63201756958212CD7212A29AA73E9BC0ABBA8D71E6953565CF5EB9F8CDE812BB8B10CA39701105C3368C73F786D43F75FA32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD59322dce7bc10d8d4fdeedc25362b285d
SHA1ae1812b7f8d35e373486d196602df3668495860d
SHA2563f2ae9a3e6de017acc88f9088225ac747de4fb08dac0931267bc9e6b9dcf8891
SHA5126bb8efeb6c8bfbeb0e9dedcfc88569268598c3d9ddb0368ec93109cfca38f8268aa34785fb1cc1553276e445748ccddbfa97e20fa0407d338265173097e62c47