Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
91s -
max time network
147s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
17/02/2024, 11:23
General
-
Target
2024-02-17_0a8d23f13ecf455049564425bbf70b20_mafia.exe
-
Size
486KB
-
MD5
0a8d23f13ecf455049564425bbf70b20
-
SHA1
84489f07d4bb0f59c4828cd1577da2db00cf2986
-
SHA256
1968da6fbb3b0125c468f276c635509171d92104d7430113f031d1f59a946dfc
-
SHA512
2ec1bc96a743f767ea76dc0dd24b74ae9d35518783bf8497927494491691e316e16ef78ce3b86599844ddec5c169b44ca851b584c1cf92c1c1e062f05a654e33
-
SSDEEP
12288:3O4rfItL8HP4OqdmgRbwbsSPXeRX1lshT/u7rKxUYXhW:3O4rQtGPLqFYsSmB1lyu3KxUYXhW
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_0a8d23f13ecf455049564425bbf70b20_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_0a8d23f13ecf455049564425bbf70b20_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4D45.tmp"C:\Users\Admin\AppData\Local\Temp\4D45.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_0a8d23f13ecf455049564425bbf70b20_mafia.exe 7C95B27DAE1AC7B8FD10653FD33F740FDE6540176EEBAE91E76F590FCB501A904FCA40D25FE891F0563A9EBBF944F945F80D45FE2EC0FAD7E253E846A23FB71B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5bf8aad31898ce875aef0b6b2a64d321f
SHA16e06fc248708c1eb6df1d27cef41aa832062fde1
SHA256807dcf59e86f3c003c2d1f1c84d019fa0951c0f5a13923ef61ffa4a57d35c96d
SHA51254244bf0e4ae539066307e0a40a4f5332ae1a8fc3324a424a4b67474a8eb3bd216184c7128150d4f61f0d873e40e397b3b964de19008cf7bb75bdf1bfa0ad6d7