Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
23-02-2024 19:51
General
-
Target
2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe
-
Size
411KB
-
MD5
8aeacfff182f4b5b47962de9604e7e65
-
SHA1
d4fd82143a6a166f795d89f13203397879268d59
-
SHA256
e5006bb3119a45dc698adf2f7f324f6df32bcd1e33ae62ea1649815e76c46ee8
-
SHA512
614740c9699fbeff4103dfb5d023c692db0a9ca19329650267281b74c2c7eb7f785ef0e47822a281cd6abe6c91dc6436907a7c0d1e1052aaacffc2d0766ced66
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFE/JWIJJ8il1woWAjz5mNeQJP+CnBfxqHI:gZLolhNVyElgIdl1wo5jVmUQJP+CqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\846C.tmp"C:\Users\Admin\AppData\Local\Temp\846C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe BA851BBCD9D0D46882C73AD14AC345CD33D48048298F0DBFF87FF6AA6140E29CEA08B49F4D79DE37B49CCCC6062C9CBD6EFC95B2CB66EC5085B6632FCB9EC3952⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD588493591ff80c9786c3306fc9c257f49
SHA105f59c9f2e3f384de309dbc457498b6f03571b5d
SHA25699658a1362a7cc0caab9a7f17e5866726b798d372c14869e4cad0c64125e31a3
SHA512407e8c45d32294213c8ab6ad7ca6c55036688fc4712d016a4fb42422f0dab00ef100412c521297167ba9278a8362d2a3fa8ffb2fb0e8aea51c68d87d36279af5