Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 20:24
General
-
Target
2024-02-12_2e3ded4fe835af3f00b36c425d1810b0_mafia.exe
-
Size
428KB
-
MD5
2e3ded4fe835af3f00b36c425d1810b0
-
SHA1
9142168489cdc647edf315545e4ea6aadb97abdd
-
SHA256
5788d2c1fdcca15db481ed22234d083685edc59792adb6d943829fd8fdc5552d
-
SHA512
2a4d7e02eb6bbf8eb7999a4f9d28528afe00114c92cc0f5e35f5e03ee746983f491a2e098c97c1eb235d44ca98615d9bf3e8941fe054bbfd118d62b097787d21
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFi4bwFieNqaDYSuJYJkNV+bMpwnf5ZqHR:gZLolhNVyEGsieVu+eVef5ZqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_2e3ded4fe835af3f00b36c425d1810b0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_2e3ded4fe835af3f00b36c425d1810b0_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3B8.tmp"C:\Users\Admin\AppData\Local\Temp\3B8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-12_2e3ded4fe835af3f00b36c425d1810b0_mafia.exe 5A2D217D32B4B50282D4CBFB4EBF1A0B69FD135719FF052FCB6B9DBAC9C6BCCDAFE28ACC2A7CBC8CB3DA9C8B65BB816E1C02CD48A213F8786808F92D2F78BFA22⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5806ae8fe2480b5483b6bd1eb556a324f
SHA121be5701219e10820a80ca74eb2992157b960a13
SHA256bc5d2c6c554b326e0a22db8be22d98e4b92903e99538515561759970a7e7d980
SHA512c9799435733d96d24cf6fc94dd6e93535954aa73598f946c048e175490dd211ea944d46f9e23e0f3b9a7fe6aca89a3cae76cb063bb52ca1370dfc962ed352715