Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
92s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 16:32
General
-
Target
2024-02-21_367eb07ae672376a00e19b1bfcf14e4c_mafia.exe
-
Size
473KB
-
MD5
367eb07ae672376a00e19b1bfcf14e4c
-
SHA1
fbea9bc39594e446b69a3a00f380f3e86681a5a2
-
SHA256
4234d317cc91c388b1c4fe75783535132ec17ee1af9a54f903896630eb422e5c
-
SHA512
ae45bc58ae1b92c5165f83a2d738ee14227f197434107065389b6953656c5fe1b501554d60e4662099e5d99994c0b55c46b936f413cdc4105eb5c3f967211294
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStQx4j72OVHIzcPEZXLY5MiIprrbjvPDl/2sN:Nb4bZudi79LMjDVHvEZcD2rT4J6mbA0a
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_367eb07ae672376a00e19b1bfcf14e4c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_367eb07ae672376a00e19b1bfcf14e4c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3B24.tmp"C:\Users\Admin\AppData\Local\Temp\3B24.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_367eb07ae672376a00e19b1bfcf14e4c_mafia.exe 0F327793432D868BD3C59E9A62D20E1E11103B49B4361885C7BE4870C000F04EB6F8DA655901445193FF393A30684BC062FAAF126C8A06CE0133FDDA5327DE0A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5ed1e122ef636e2251190c44a5f16565a
SHA1357f4d3e2c3e1a49e253d89e0a844d4683e1d2d9
SHA256acf1db1c919d90cb2ed00000b099f7f6cdbca2b71fe6f1a739ea50a690cd5514
SHA5123f3fc4c9253c1bb03ef0de8771623766e96c029e6c10b322abf1e351bd12ba1fceed6e7ff4676ec91c71a890a9e74cc743d18c64ce41deecc232fe73484663c5