Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19/02/2024, 07:28
General
-
Target
2024-02-19_145175629192c496507c0e34a0ffa38f_mafia.exe
-
Size
428KB
-
MD5
145175629192c496507c0e34a0ffa38f
-
SHA1
0af8af8e352d377c4189f375965b57d5f740b6cb
-
SHA256
cab9afee25877860c4a76ae34628a028a13e21b393a4930e4944c560a3dc73a8
-
SHA512
462d9376b505384babf2c34f93c8cc5e86783d0baee2443f762b687ddac171866f97f7ab799a1efeed979ccf0c24d141922837b2aff6417ca4774ec61c50d81e
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFmZMNNiiFM72n0w7owxOIZbxiaZPobLhjB7/qHR:gZLolhNVyEtZW1+rw7g4AQyhjBTqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_145175629192c496507c0e34a0ffa38f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_145175629192c496507c0e34a0ffa38f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3F9F.tmp"C:\Users\Admin\AppData\Local\Temp\3F9F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-19_145175629192c496507c0e34a0ffa38f_mafia.exe A27F78D714C5C7F82925AF5518A54C8DEAFECE21A1D446E6D09A06BB3DC5FD1756913EC18ADB4EC3BC2A4770036495EF4C631AF5A3C42851DA4B057251F36D3B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5d79821103abce0151223eaea94711b7c
SHA1495144dd69e47b540869c74df466a7f8ab932d2c
SHA25624604a04dff10823e360800e4bca4482053efc827ee64eabae82e1015cdb58b0
SHA51275e5f783bfdb001897bab61988f7baf415ecc1e1cbcd82375700e4929fb76ff977099f1271b641d8341a58fe8b59baa3aa134385900dd0d1e5cf7a0b04ed3c80