Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/02/2024, 09:44
General
-
Target
2024-02-28_908be846d9e6156cdd533aa1fa05bc12_mafia.exe
-
Size
486KB
-
MD5
908be846d9e6156cdd533aa1fa05bc12
-
SHA1
d90f727b05f9fe1353cf8bed3f66c5678e2b1a2b
-
SHA256
fc038c1df7f248324718a93b726ba98da6f97bae2d78242b11ecdb8c78d41777
-
SHA512
5bcba4f1ba76d406cae0dd4f427fbf5b104bce8fa9711f25ce651193561b5f18aaf2995c311ecfaf75f76a2d47dcfadcbec44beee8a2388d16347821cd37c5f1
-
SSDEEP
12288:3O4rfItL8HPPcYX2iN7+ZaRoto9Rta7rKxUYXhW:3O4rQtGPCiN7qaRot0ta3KxUYXhW
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_908be846d9e6156cdd533aa1fa05bc12_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_908be846d9e6156cdd533aa1fa05bc12_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\351A.tmp"C:\Users\Admin\AppData\Local\Temp\351A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_908be846d9e6156cdd533aa1fa05bc12_mafia.exe C0AA2B8028D162CC5B021CEE8B18FBE8B73E8372D8671D91C1234DF37904FC01DE80C26431C2D082BF4E0B35AAECAE438C2D63D3FD442BACFF027A3BAE7125BF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD596af461b0566a82f4ea0375fd1e00620
SHA1e582cbe9145e0b76a6c89bd22baf4469098afc61
SHA256fb62466ece219c1d63b1c4fff574395a99a47ec5fe656b9f2bceee41b7e58347
SHA512e52d0d9fff11bd12e43c3b2700931be2a671a4d310f109dfa6bb6bfc5d63845de051b84db4ded342e39fcbe844468f4bf6a9a8a4e728d7ef949b54d688a3bab7