Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
93s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
19/02/2024, 03:54
General
-
Target
2024-02-19_b902834828cf0c9d7ae400d5f5c72629_mafia.exe
-
Size
414KB
-
MD5
b902834828cf0c9d7ae400d5f5c72629
-
SHA1
67eb3acf91ad3aa52a43f8f0a76035c0c0582941
-
SHA256
ed041b1e4a268578eaffc5203856f97d97972aced0977fff201d29c7d472cc8f
-
SHA512
66367e48db8efe88e0e7631f0091132ae76bf007ad132e6547ad2a950110e29a04f2aa5bd5cea383d23d2fc659acdd2195434c4345f5137fc04f7c9aa3748478
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BY8s4uQG4UYoemuHPXsOU3Dn7+K5/Url:Wq4w/ekieZgU695vToef8OU3D6K58rl
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_b902834828cf0c9d7ae400d5f5c72629_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_b902834828cf0c9d7ae400d5f5c72629_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3C6D.tmp"C:\Users\Admin\AppData\Local\Temp\3C6D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_b902834828cf0c9d7ae400d5f5c72629_mafia.exe 463881038AB127CCF4AC42B42F8C6BD34526CBFE53CFAB589D70CAEED7FFF2ED90A73610A2430CF68D7BF1E93E63EF4E0FD00088D9C6E4E09D3BC8700AA308A02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD51c375e329e1722e86c9ba5ac584019bb
SHA153a7fe0850db9b12bc23272c6c15cb881b7e3741
SHA25624eead11be432c64933c1dbc5b2be532fc0b3bd04e9718c0de6315612f6ad7bf
SHA512d5b1a107de9f20e91215a18b86e68b95de6b2dd73cb87777a7f656d1f938a643b9b1a6a8bbb7cd57d3985e31f2e42fdfb8d260d51c79a24e525ead5004ba69ab