Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
66s -
max time network
40s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
27/04/2024, 03:29
General
-
Target
2024-04-27_736bb4d74ec1166f23e66c3b9723affa_mafia.exe
-
Size
428KB
-
MD5
736bb4d74ec1166f23e66c3b9723affa
-
SHA1
692d30a630c8849eead4a30294944bf21a43b008
-
SHA256
964ebbd913bc7432714f72b5f7187f42f30f30d118f0e1441dce705fbdba3387
-
SHA512
9b693c9539006257b2d1544ce60704bcb72a2cbbaac206837fce155dc337ae657a405f9fde573a1f564cc2cd9c62f29c4b37228758d44e0a9561ea0e59954b1d
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr4wbaH0gC0x26HVePekidl:BL4tBekiuVr4/H0gLx2Coid
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-27_736bb4d74ec1166f23e66c3b9723affa_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-27_736bb4d74ec1166f23e66c3b9723affa_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3C1E.tmp"C:\Users\Admin\AppData\Local\Temp\3C1E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-27_736bb4d74ec1166f23e66c3b9723affa_mafia.exe BCB0E2497FD3E5D5CA24ABCE257BC4B7694CFEFA84580C65781FFF33E66B7C542DB0B83A6FEEB20933E89A08E7577CD8ED1B5A7885FFB074B725404D280A129C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD58191cb2ed56635a2a36712bb253a3374
SHA1ffbc0d27b6ab3fbccc6a2aad6726373828b9128a
SHA2561dd714759c4e1f965bb190deb964e977721e35784d42d7ee12e28465b8b27d1e
SHA512198066f9f1980a2ffb2f10dfc786505beab78471232849de6d8fdd4a041b98f63857834b618e3bc7ada643a56d392e96182b51717c420ba5637287aca9f6aaab