Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
92s -
max time network
115s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/02/2024, 20:58
General
-
Target
2024-02-28_f017bc72d84f222bc27d247168c039db_mafia.exe
-
Size
384KB
-
MD5
f017bc72d84f222bc27d247168c039db
-
SHA1
62ea3fc5184f7a3f0609ff14a228328227882a1b
-
SHA256
e2ce7abb4716f2d100162804f3a2307b14baa01c79689944e03a4537b148d710
-
SHA512
9c5855f7719c86902f25f56c62709bf69f9262e0aa911f8f02f4863e179993ea0b0e5fc10073b47c4d909d85c8fe1449963c78e26412290a31cfab8d9284807b
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHwr8COo2OA9gmY4B9ilcDJzSAcZ:Zm48gODxbzuo3O8gF4LilAJzdcZ
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_f017bc72d84f222bc27d247168c039db_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_f017bc72d84f222bc27d247168c039db_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3EED.tmp"C:\Users\Admin\AppData\Local\Temp\3EED.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-28_f017bc72d84f222bc27d247168c039db_mafia.exe F5F28283013F609091571107EB2A8819936BA794D84D8E9CD80484EF0003449C077A14C02D238EAEBC06DB7D52B148A05C594477DD40CF64F2B3662285FE11592⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5782b86955d58803ad7dbc1cf61130b5f
SHA1d446586bed317326aa7e9a6f9041f51d93c467d2
SHA256623fb73c3ff38e6540478ab8b6f11eb90ae649a6df7b62158bc4a346fdb965a8
SHA512afa3cd2e57284ed90be5043061c4d226798eb179fcb6794f002fb7c847367b0f8fdd7bb945fefcdb6b0b57c16c19235f194d8a1fc5ec396ab6c39ef2faae40e1