Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
14-02-2024 06:58
General
-
Target
2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe
-
Size
411KB
-
MD5
9380892323aa26ebceb6b00e6983e24f
-
SHA1
447240447222326a900b5974fc55c6edd2afd7f1
-
SHA256
f43413743a18c1720e08f6358ba3576c0c9abab86ff2a21a6284eef8a9ed9fe6
-
SHA512
c16b7aaf4915d98f4f70f8f4d56ad7d842a781f3541066a2aa0c82fac4e2895a587dde4afe5850135fafc4f7cfc141cfd583a620316b2005ba90e74653f9f5c7
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFlugekrCd6+It5OQuyivo46hOxOjy8DqHI:gZLolhNVyEySd6Xt5OOi2hOxkDqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5AC.tmp"C:\Users\Admin\AppData\Local\Temp\5AC.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe 424AA9C76BFE7CBF2A85E03663F4FB16F0E188FDCE1AC11FB666CBAD22902D3E2A6C78390435919F73BB8CEE3F497B61B2CC458BB506E35165DE8B4DFB64DA8F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5c29f42190521a34f2db2de96135c08d1
SHA1940d5765b502420f63c37ee17b5f0f83df2f1a6a
SHA2565c8fb1299dcf3f5c015a7906e864f18deda78207f960434287341885d3f75b6a
SHA5122f5eb0996e12ec9463bad1bb60c754bd6c8d06628f27cd4058bb351b957617203fde38ae2c2df01eb7e245324db7b03dd76e28bfaa1622335a35139afcc1dd53