Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 01:35
General
-
Target
2024-02-23_52691bab84317f4d937432808099672c_mafia.exe
-
Size
384KB
-
MD5
52691bab84317f4d937432808099672c
-
SHA1
47f62a900419a0e30247c2625e77fd0d8f19521d
-
SHA256
36f13dce7c9e8cb9defc51c647efc484f8cbedbb13a14cc61aec3e0dc5e3de9c
-
SHA512
c40b57f1684e556d11c06dd3b6d79e4fd085cc2c05a320bf769ff0962a649b9d0fb6563c47ac1c7e48425685ff924fa1038bfe8425d17ee45386769c55cc788b
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHBOPVL+3iw2/4jsVjIlCWTJGDbK2EGBZ:Zm48gODxbzDuL+34v+tJeEGBZ
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_52691bab84317f4d937432808099672c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_52691bab84317f4d937432808099672c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7455.tmp"C:\Users\Admin\AppData\Local\Temp\7455.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-23_52691bab84317f4d937432808099672c_mafia.exe E31EAAFF73DF835F763FE7A226088436474C279C593A20BA09D11E9336BA9CC0F3EEF9AC02649C250CC421E4089E7109ED065A3C687C8A1715181309E7723D0B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5c10d8e19ffd7bbbe1e84ed4e753fceef
SHA184d63505ce76c60e44fc1392cdd47e325dedf4b1
SHA25612bb8073e86116090cf3ba25a59757a023122079364be1d50ca37198c7d3501d
SHA512b1725eca87624e2e1f699700c33e7da38bf46059b73d7091a36a002a828ff77e7ae1804d46c398b992531db8d64c752ca087cb0bb8e5a2792df7e7a7d4248095