Analysis
-
max time kernel
117s -
max time network
134s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
27/02/2024, 15:48
General
-
Target
2024-02-27_97d35b5b886ebf1aaf22eb4fffe98d54_mafia.exe
-
Size
384KB
-
MD5
97d35b5b886ebf1aaf22eb4fffe98d54
-
SHA1
3149f37772ea73d2410ee0a6961044347c6313f4
-
SHA256
63defe2cbd2c4c2ce08e4498b800578519a59ca7bda60c74cc23382900090d5f
-
SHA512
51634bd9420a304dbd29e4aca61b1447da1f8f3c67654e181139447c22c96a40981017e0b0ffcb7e25edeffcdd6c26a7f6add151f74887e6f57e38aaf99a114e
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHwCuPJrjqRZIyMecc3otCJeKGh6ZKPrYOLnFzLxW:Zm48gODxbzez+mDeotC87kOLnVx9MRZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-27_97d35b5b886ebf1aaf22eb4fffe98d54_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-27_97d35b5b886ebf1aaf22eb4fffe98d54_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E5CD.tmp"C:\Users\Admin\AppData\Local\Temp\E5CD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-27_97d35b5b886ebf1aaf22eb4fffe98d54_mafia.exe 0DC5BC24B5CF49BDBEAED5EC23E191019519122C8B2B425690BE3B7D47EE72D991A8B0BB094BB8D9DD40BF4622FF962C152F1F4A443F7AB76CB0B5AF6DE187BA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD55a4d703135dcea61b6c655427a0702f4
SHA17b61504e69ee4fa5bec6ff1515c820d4aeb3dad5
SHA25605557fb1afb5ed244743ad818254d99af87f6243423ace040f60f54bf6b2e8e8
SHA5120719fa47a97745ea6bc9e1007e9e255938540d83756858782ebdb309de3af1cf73c8f1f2bc69c849bf8726249f3cf662f63d03e497a95c7af6b311cdf573c341