Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
143s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
28/01/2024, 14:23
General
-
Target
2024-01-28_1832d2847d0a7a5be3611ff636fb7f04_mafia.exe
-
Size
428KB
-
MD5
1832d2847d0a7a5be3611ff636fb7f04
-
SHA1
e6bf998f643af7565ad325488829cd965b8ce5f4
-
SHA256
8724f7cb88d613a4fb184ca5e3d2ea051acb6018785668628cba33935c455dbd
-
SHA512
967791ca15cb62b2e0120b92e31f6635cd688a45810600f0f1a11e6d005ba92706dc196bf228a9aa34ff7d01bce92d7b49d19b00d3db032ea8dbcd1d73ca6eb5
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFyGPSlEnwHhiGZ+0op2bMXjeW9waNeqHR:gZLolhNVyEZGKlEnqop2bMzD9wLqHR
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_1832d2847d0a7a5be3611ff636fb7f04_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_1832d2847d0a7a5be3611ff636fb7f04_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7CA2.tmp"C:\Users\Admin\AppData\Local\Temp\7CA2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-28_1832d2847d0a7a5be3611ff636fb7f04_mafia.exe 933089BFBFCE282A2E0BE0C05D84F1B4BED443361D103298CBD61CC51020443AAE2F7268B700CC9E20659DD61957EE12CBDE1DEB1BE2EF54C53ABAEBCC72D0C72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD583c7ce5eb821818c771ecdefa0beaf02
SHA1047b830649fa828c0b6d087fffbe8eec3cc05af2
SHA25672a76066c8208811c2361a83d881d71cf05a89d17b3e5e517fcd905ea0e311d9
SHA5123070739bfbbee51cfa6af77df60af6d118c9d8465f4fb544e1b8675211bfceaf4e705f9bd3f2eb9a8ef715c85d5e3b8183e7fbd9e7be25da41fb7a3445f5a0e2