Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
19/02/2024, 08:01
General
-
Target
2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe
-
Size
384KB
-
MD5
ae5eb0bc547e63f6aaf33ae768d97d45
-
SHA1
a882111e11ed4d41d9601142d069b6bea759a5a8
-
SHA256
5e011c3fa3c7eb4344620e319f6b6d10188443b168b744e0e65235b7cd1f00e6
-
SHA512
e8453c75a06a87f74230df63ca1763c5bb47ac943528879d60d27c4e129aac8456d1302001114a3f528f57c741ed97c0282b12b867a811cfd59173262bbc2482
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHB7PAuVo2+b3tvkZP+hBCGmSy3YhxCDRsNReynB4:Zm48gODxbzv7ou2QZG+bSmYxClGReRZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\435.tmp"C:\Users\Admin\AppData\Local\Temp\435.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe 668D45F42DF82AC7CC7D55362F3BCAD725EB92A4A41E007A03CC13C690F119CF499C18312B75CA090871A869787A0A544EEB138F853B048B3D19E8F8219043A22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD59794c10101a985eb4a9411e50d3ea2c9
SHA11506c8dd32ac2c4e87f299abc92df2b0d60356d3
SHA256f9c2d914ef051a439b91fc0eccbaf9b979ae63aad149d2ce0b037da43b050028
SHA512756a56be098c1505bb284f4b5f1c2360bd61945bf47b0e6bc5b1ad603818c74c815376e07c58d0e379898c74732c88cec035f79dca260006a017994306f684f8