Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13-02-2024 08:52
General
-
Target
2024-02-13_f876181d2dcadae6067f34a2f3394204_mafia.exe
-
Size
411KB
-
MD5
f876181d2dcadae6067f34a2f3394204
-
SHA1
cb0f8de4543e096ac4492a5d58da6f2880860cd3
-
SHA256
74e254b705a010b888ae6c54b5ebf69c9f2958442ec80e7c555bda5eb55503ad
-
SHA512
81579006a52612888156ded3009c61b54d6640c83b9f5d24a0935e40b5e114c25b7f5a2116155761a66496e62507f9f2fe969d4c49078f182a5650a7ad664106
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFWVObKuQV9eaBX3OM06cMfGcW6+8rLJGtjHqHI:gZLolhNVyE1+0iA3OM06z1HLMxqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_f876181d2dcadae6067f34a2f3394204_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_f876181d2dcadae6067f34a2f3394204_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\196A.tmp"C:\Users\Admin\AppData\Local\Temp\196A.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-13_f876181d2dcadae6067f34a2f3394204_mafia.exe 53E6A4562F8A5C7E9EE50B23AD8DACA19FF3718CFAEE1EC0CA695DF55F683EB74A2F575413A9BCBDCC36CB69C64CDF7551C0B8CE42DAAECA910FB808AB0FC6A12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5257da3b30ad24d1db9ab11eee4266bca
SHA142a8a8647eb1ff14f18a63abe19464b9afdd1d93
SHA256ff6ee1bbacff578f0491fd341060f8ae193d276bd8fb5cf2d08ac9bd38a6f16b
SHA512cad190c032ac8647df830829185fb1ed6cef49836a6ec71bf4319c92ab4fc39e1aa2974966ecc28796cdadfacec01bc3b765b34cfda539b19087ac5fe290cdf6