Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
151s -
max time network
171s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18/01/2024, 23:33
General
-
Target
2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe
-
Size
384KB
-
MD5
f30cd819000d034744ccb29421408d65
-
SHA1
9445d2580ea0c3afb70be7cbf923902cf0ae904a
-
SHA256
fff071bb9553f9fa5081c3ddb3d10caf1664dcedbdf276d9f645f8ba942ccda4
-
SHA512
28a1e92319be9b29d2b430a6a28d7ae7699bc8917ba5e08ba4dabaa266213a3cc9810fad2fbc21cf2e60b6d78ff3ffefd4ee2df68de11424f201e108484b53a4
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH1cuFsO5zuNHxVnBnUrXX0cUUhZ:Zm48gODxbzbcuFn5zuDk0p6Z
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\D4E4.tmp"C:\Users\Admin\AppData\Local\Temp\D4E4.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-18_f30cd819000d034744ccb29421408d65_mafia.exe 2E4DCDF2DC2501101CCC5F0DE7378FF97F5294E39A1A5CB7437258CFE96612114C01C764B5B88811BC10607E30A558276FF5EB7F05D57FD14E71CA667A62B8DE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD57f8ca6049d4ad91c92dbefad0d89e578
SHA1c46ad8953eeba404cbe4541c0231137227f97798
SHA256568b706e318c94ec4b7e991b7bac57270a813347c92fb2e626000a1eb214dd87
SHA512d0b8bfd4323ac84d1058d3b8608319e0c43927515227123cd010281a165cc4517c10a4d6aed06b9889f09c028b336109ba7a97ec686458e5e6112d25d313e041