Analysis
-
max time kernel
117s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22/02/2024, 15:45
General
-
Target
2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe
-
Size
428KB
-
MD5
9b562ab8ec11b6653a0a11539eb1657a
-
SHA1
da6fcb472fedd110d9b345cff9cb758a9c7bd1d8
-
SHA256
894da66cd7e4f528880c2bcb41826c93c8046bafef6bfc9def8f0aca4ff18513
-
SHA512
4db303a777f87577e9e256fe41d8280f79a3b64cef6333090011f1d2f086506c4679c03a16c81b3a778a80a19913375a4a86b703c91fba749c594ad9935c38c3
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFts+ZK34zOvo9OFTrbvPohI1GyDYL7NMqHR:gZLolhNVyEPiK4kFTrTohADAMqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5419.tmp"C:\Users\Admin\AppData\Local\Temp\5419.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe 7353E22378790AA50A4F64D999CA8ED6DC61F8DBF169AC1A18BE94F035D209AADE65FE1008BEECEA0D3E10E827460A4B755F86D8B8B4513BA616C573C66165182⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD51a2cfc3f72a08e9095ccf8523b3bf4e5
SHA18c1e5cb12c010fabe00b728f6cd488292a24b764
SHA2568610844975ca648e6d45756775296069a4234c4ef81a60aef3431dd2ad441ad4
SHA5121979b5b1b10142a9a9118056753d6fb66237314065d411535f4ea13e1fc4bc2d5e2a0f4116490d1990d113db0affb448b16bdf50762a8b15b0796d6e37f7e1bf