Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
20/02/2024, 11:31
General
-
Target
2024-02-20_4c42bbd453bdca63299b664b8e2a4223_mafia.exe
-
Size
412KB
-
MD5
4c42bbd453bdca63299b664b8e2a4223
-
SHA1
67229ec3a2210cf6be7bef63cb270598b1d4f460
-
SHA256
a57a1c35ec3fb2d6c5baaa8769f717ccf8e13deccbdddb228e23bd4a64f7d4f8
-
SHA512
61f54547b2959f0eaab9d0c7f73dd7d320f8bed7a4372d86e51094a77ddfc67381518d3b56522bf409dea396cf849b469866ee18cb34fed08d90bb341cb5527b
-
SSDEEP
12288:U6PCrIc9kph5lUeZaC69BbP4xmrHHo1LFi:U6QIcOh5ljZd674k7In
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_4c42bbd453bdca63299b664b8e2a4223_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_4c42bbd453bdca63299b664b8e2a4223_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A5D.tmp"C:\Users\Admin\AppData\Local\Temp\A5D.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-20_4c42bbd453bdca63299b664b8e2a4223_mafia.exe 145265C0505E4BE62C6EC43474D44885F4F2627C3402D4EF8FC4938B8BFBF291591DFBF0FABAD6F6C05C961A3BBF9BC67353DA386FF801938320BFF9E7C66F562⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5337a712ed7e8b245357dd2f838b85109
SHA17226d7bfbda7e53437ecbdd4d76437bf49bad084
SHA256c10ca6c98f9e9538c11a06c5fb9d9e01219fca30f2b000c44740c3ddc6289593
SHA51219e974ff0e485e291ca575f6d1a617f787eb99266bccac832b6fec6153e0e432fb3aeaaff5d5bd08db9ef7d541564fddf205e51d9a6b0b85187e8399e045e442