Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/04/2024, 00:45
General
-
Target
2024-04-06_787e619fa2904b3a3b4675b85fea3cf3_mafia.exe
-
Size
433KB
-
MD5
787e619fa2904b3a3b4675b85fea3cf3
-
SHA1
d6c43c84491f0ec71d776ffc387964dd36747f47
-
SHA256
2cb80e51da8d80fc692d7ac7279198e4261d84ea8a35282cb179903a3ccbbfca
-
SHA512
7b1b700c83af226278e788c966b39f2c77f51b9afc00c5595d5d1da221ca2ef0e714e8a1aeb0a0fb994b7d9151bed091f14e9bff2e3117b0acaa3dc032f83f76
-
SSDEEP
12288:Ci4g+yU+0pAiv+tIR42BRoV+exskk/MsEy01qUn:Ci4gXn0pD+tI+hVFY/wyQq0
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-06_787e619fa2904b3a3b4675b85fea3cf3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-06_787e619fa2904b3a3b4675b85fea3cf3_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\321C.tmp"C:\Users\Admin\AppData\Local\Temp\321C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-06_787e619fa2904b3a3b4675b85fea3cf3_mafia.exe B56C03595623F2875A1DB767750E3A4C4ECF20EB09FE898649CE8B44E6A47B722F8A1EAA2D016CB3D5845DDE72D77D451549D9E1FA23920A674F1F95F9F5A75F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD50d4801434938293d31e132d836b1d8a5
SHA116c99df28ae47710eace4db1b9f1ce525931a832
SHA256fc3dc1f0fe04f21f9b6799f9ed9e0307d784205fe92a340e79847025b85985a2
SHA5124b02369aa1d0d2e54491b1a6c9c7eb6645d22a9d8fd3d4f2d9dabfa6173ed2a68bfac2f1c17fcf27fb82baad6883e57af4fe5e1f97a2714d6086555becafcab3