Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
139s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
26/03/2024, 01:25
General
-
Target
2024-03-26_2981f3f9ed487ad626b771175933994e_mafia.exe
-
Size
384KB
-
MD5
2981f3f9ed487ad626b771175933994e
-
SHA1
82cad0bdfdb51fe84f089b3a6754fc0a4736b2aa
-
SHA256
0e6a5c0ab6f453c2cdc97dceebcbd32ad4c6ca875f000f72af999eef1356f5a8
-
SHA512
12c8e0cecec0a1c844ff9ff35a29458848d574c5ed69adce80585e5f91dbc1bb8f609cfa02ee36c236fac85ef626aa923658e9dc6c29e7f6d93f14a7dde4d693
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHhMk87w2b0O8cmRxv4YUjb7pT/zlGno9Z:Zm48gODxbz/bq/bj8Lxvml/5GOZ
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_2981f3f9ed487ad626b771175933994e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_2981f3f9ed487ad626b771175933994e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3BF0.tmp"C:\Users\Admin\AppData\Local\Temp\3BF0.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-26_2981f3f9ed487ad626b771175933994e_mafia.exe E96F38307050E8751C9E6B795080F8E148BD27AFAAB0DBE9539CF6D1AEEDDFEA9EB3C6888C56D9B69BC5A90FE4A07379F070027AE8201C9D2524A56F92EB19372⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5fe1cf0f493a2acb4618d4b6a8ce1aef0
SHA1709d6d5caae63bb990bdc73bf11eed8d26198cd4
SHA256f3bd7b519996004ea563f783d80bd33e889e54e382db9259198ddb8e7b855f45
SHA512416fdd57383756eca224d14caa5e06c61651b96e0c238764ae99624e3c10e584c6b8a08ca0a184015b5ad4570cf4a65eef3733d9fd97f0a0be40df68b26a70ef