Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
93s -
max time network
99s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-en -
resource tags
-
submitted
09/07/2024, 07:03
General
-
Target
2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe
-
Size
428KB
-
MD5
ca9c3ca6b591d2211d3ee9fb9045246f
-
SHA1
5f48b0e17640eb85487ce7612903b5240b72f434
-
SHA256
8cbab6c99d64812499b921d74eb34f7b6d4d40ae3fbdacc11b2810a3d8defdb1
-
SHA512
8d143d164b7babb1de1708c0bd12d3f155052849ab6801fcf96fba163fde176406dc94f5a8fb4fb7de80199aedad8e3a285edb4fec10f1c365161f478e04dcf8
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF9xCH194MxWBPWIBGd6CTnU07TyRiMaqHR:gZLolhNVyEexGgMxWBeIGNJTyRiMaqHR
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B0C2.tmp"C:\Users\Admin\AppData\Local\Temp\B0C2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe BD9A68B7219213CCB89A3E48E0F70DB84186F09A8BB1D4C2D45E88D24370A37886A4140F7D74D1CE7B5A80EA4A71CD411B84A3B8AF0E38F71F76DCE1702A89FC2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5debdb8a49498753454187b3632b32962
SHA1c2e3e7b7c1e11d3435559d4b5451191c8176a1e6
SHA256872961b4b218d520455f9fd5d6f38477c50ac54d4a25ee01a0b11dee17162f31
SHA512b33dd6e30a3a906a0e7e9a5fe1b7c158ed837a39028803f168f14cba5db0c2799696960a79e9e24810f6154d0b8d8f1e8f447ea1747e50948e2d22427ae5fb0c