Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21/02/2024, 17:47
General
-
Target
2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe
-
Size
384KB
-
MD5
9594529e7cec76dfa74ac98a89751570
-
SHA1
a67ab00bb6f7688cfe1be8383c66238930d88239
-
SHA256
050426f671b6dcb9ef078bdacf3c133bf3ff382e1d9d189edb60e19dc15878ac
-
SHA512
3e14e5fd69815cd8d473f18064f84f216f756e83a2a7c72570dd8ac4a763ac23efaa2801d7ffa80f8e56c76dbea9f814a940a99cddf389338c2aadf085580d96
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH5pGtaK0hlekFuAjtyMkP7quK/tZ:Zm48gODxbzTkaWPAj9kPGuK/tZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1FEF.tmp"C:\Users\Admin\AppData\Local\Temp\1FEF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe 305DA566CCFFA334A8C1BCA9CFA0FE52399D836F503616D4AE01C9197A5DD05423056D4EE268114732F591D631DEF3C56E22FEBCF4D4C562123B8C73945163482⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5b3f09793bb1d02890307722c904dd348
SHA1f036c2539c146c3ee5cde1bacc744964ca8b5e39
SHA256c074ebc95a84caea2e981dd33cc95aac5ed53d017fdceb46e1ae8216347d8679
SHA512ad9438c54dd0a8a13d75e750f41b99d485c1a9f079a74f6a15a3b7fd5aaf8c536a32e7d34b0b87181574bb537484f82ec8e6d3aa5c3bff92366c5ddea67de029