Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21-02-2024 21:25
General
-
Target
2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe
-
Size
384KB
-
MD5
2ec77653da3ab359be6d4262d43ea628
-
SHA1
e0270f317e13e7fd31d46f000dec79684f1b16aa
-
SHA256
914e0de7b0720d7724ff94bc7a2be43ae83a2a4ef33116bdd9f739ee73dcdca4
-
SHA512
a26807280fd7889f857ad03efdf63d9df34eaaa586d505f2125374247331864c7330c397c90e8f7afdd5f12b6d505975454a0a98061d0e7cdd69a8a2fb360361
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHs5j79J2QcU66eAQcsbyOsCu0fkR0OaOaZ:Zm48gODxbzajT2QcU66eAQ9yOffM/uZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4F87.tmp"C:\Users\Admin\AppData\Local\Temp\4F87.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe 0D8038F7E6AA951E35EBF13E32026528AEB1C5C34AFD8375FF57C55F67A40EA05A4947FC6803F8537FA6F5E0CDBE1D16650B915D551204905BB0A6027939CA8A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD50986321f4a4c4adb2faa76fc01b944c7
SHA1f318a68bd4ef228bb33f5df11ce0174ea84f5e3f
SHA2561a97eb7bed4bb7a0c13538b98ab68c685c943959261e93a5bd98730277cfb4ca
SHA5126f1de3aa4a904fb6b1b304646a6453b984f88cc446f39b4a8ee52c57c02cadf5ce07d989077121a2931a6e7b33b6339cd5de07113e38d5f226077bddcc8be885