Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
01-02-2024 09:49
General
-
Target
2024-02-01_e9d3b20ab37436bf4c269985729aa98a_mafia.exe
-
Size
428KB
-
MD5
e9d3b20ab37436bf4c269985729aa98a
-
SHA1
7ff555084156b0e3f20128772fa3667d2c802daf
-
SHA256
8ae05b146651c6193bb852706af501ad3f4cdca89351605b0f94010322eff089
-
SHA512
ab471e37b03488f58840085b7b14d2419efdf8cb13835fd2e68c14bfa3afe23537efb5a5d4d6913e754f3d56ea637f6b1ebdda230c52efa1f9a45e5aaf5d55a6
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFM4G5whyL4QPshEayZIZ9mvBBIK8GqHR:gZLolhNVyEL3PsaayZC9mvBBIfGqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-01_e9d3b20ab37436bf4c269985729aa98a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-01_e9d3b20ab37436bf4c269985729aa98a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3C8.tmp"C:\Users\Admin\AppData\Local\Temp\3C8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-01_e9d3b20ab37436bf4c269985729aa98a_mafia.exe 889616FF92BBB58A0B4A8C6DC66F541CF949C15911F40CB1F8FA1565B8EC27E45117012F23FD42D8497E8274BF9153C3A738786C2716B812A1C013ACD8F5BB7C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD56e1ee979987729ca9be407a738366c7f
SHA14e6258aaddfcb1e08c293939dd58651b568175fc
SHA256a4a6a4da8452a34c61ac664484395959b4b04d45a2e6ddf9253918e691f0f28c
SHA5120559d3b9f7b622001ea98992e66db9ec62fda0225e309cf8242a520e94eca33114bb299d182781544871153e906e0cafe37004833663e91820e936a7a9357476