Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18-02-2024 14:24
General
-
Target
2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe
-
Size
384KB
-
MD5
14c85b696e0bc493dc88c3f66e119c6f
-
SHA1
6ed2c59216756ab50d8def4e13a8b7a423b86f6c
-
SHA256
4ca5e6e338da186000f6896c4beccc263232d02c0f2afc24a045c591ca854481
-
SHA512
a7405288ed9c81447b07de1764bec74bb98e5c1748f7bb450aa865491db5a2d6780cf3cae522f7a6b933176a2406cfcaedc05b53d2bc6086eabd1a77a2589ff5
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHnoX4TfzND8f269e/sD+A1RVDfZ:Zm48gODxbzlNZ6UuXDfZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\19A8.tmp"C:\Users\Admin\AppData\Local\Temp\19A8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe 6846A1F3F65BCDDEA2302BB31E9F2F01E11CA7CE72BAC4C9C5388938A791BBDD1366664616440572A73D3A18A2BA9BC465F090103603EB475BC32D26A599CC3F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5961db28c2bcf68f1b966d8bb87a85411
SHA135ee814816f6590a25f588f8180cd7ace0d4ace3
SHA2562545aee7fc0dc01a7cdf7765fd684e5917141db17120f735733b9d48431954ab
SHA51290bb8685b654e6dbf2d04782f4744047095b258ef0f92d78b5f078760ebfc6eaff20898f5c8e223b8ed807dcb352b0b1862a4e1c111165c1bdad9daa9360bcf4