Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25-02-2024 15:47
General
-
Target
2024-02-25_b6cefb3fc1e2787e12f22ea644c1f5ba_mafia.exe
-
Size
411KB
-
MD5
b6cefb3fc1e2787e12f22ea644c1f5ba
-
SHA1
c386e8a6a4e3eca5550ad3d3027f4bdbf4999dc8
-
SHA256
e3e52f7a98e81531bfc379e35f32173f397d91de8419146407f327f636f970c9
-
SHA512
8b6c314b31eb11ff3d521154d38dfe2219b5519d8eaa356117ba23f9278f0d13addbc6ed35b646d7b2e3eea5a5c56f29ec6023f3d41f5bb4fcefe7f8da507129
-
SSDEEP
12288:gZLolhNVyEFdOv8R88U9p6kzWznWpXGWAaqHI:gZqhOE/6GnzWpXGWL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_b6cefb3fc1e2787e12f22ea644c1f5ba_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_b6cefb3fc1e2787e12f22ea644c1f5ba_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2108.tmp"C:\Users\Admin\AppData\Local\Temp\2108.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-25_b6cefb3fc1e2787e12f22ea644c1f5ba_mafia.exe A1D9F631A17E668346B5C00372F971C24A1B359E20FA3F0C120F35AA383CE102CF51C16C75A5C90CBB5116730672D08D0A9158A1ED5E8B238E51DD8A571268DB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD52b04e518f7cc5732dac0d1baee02f662
SHA130fcf2a42d373dd80c0221ccea69128e5afcd9ea
SHA2569e906aaa8a435876e695a7e72bec142dc0dd304019696f72c2dce7cd7c8b503e
SHA512e0e5bf1cb7e91f271d13b07d8e9921b04f9c8f7f55d70a25bc2f5869dab82fb5249d7176ae24f8af5fc8cff08365b40b5ddac05f741b38ff2da4a7ced45da36f