Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
25/03/2024, 12:26
General
-
Target
2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe
-
Size
476KB
-
MD5
122f615411031b17f7f9b9f401533178
-
SHA1
9f3047537c2696d200b38fe10ccb2408889560cd
-
SHA256
aa9c8670b4410cbf5bdaee2c02b5e633dfa8497ab9c5cb7af5e9e6a789bfa261
-
SHA512
a84c5bb216e21413309fa3024066479c11000c409a5a467fc4e656e19b36e2f5117b5beb6ba2535a04fca7052aefb5d24cbe3978832c54dc11157505bbaf4bc7
-
SSDEEP
12288:aO4rfItL8HRaQjO+InBZ9V3Ge2X4xK4l8tm00YMeE7K9wlsDpVFd:aO4rQtGRFjdIBB2Fdhq+9wlsDpVFd
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7436.tmp"C:\Users\Admin\AppData\Local\Temp\7436.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe C2B9324D2D7477694B6FB71154F2BA3F6BD46F36403D7221EEC7AF362D4F8BF852F5077BDC1C6D58EACAD50A8D05974E3A5A4076875168D862D9A986F262C88F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5590a645c26d36dc4270f85fa7ed19c28
SHA13be2d5756c551e11bd56b16cc252492bbc2392d8
SHA2560d04d573f255e237befae8e7133547cd6b17dfadf541df265c269d8acba34771
SHA5120bbbb14370544a00d75e74b0dc1cc9c6529f4cf18b75a601446a51b1a24cbe7d940006703133ad3cbca28877b55c8d3cce68c24099b8e7c204194b9b5b6423a2