Analysis
-
max time kernel
120s -
max time network
130s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28/02/2024, 05:30
General
-
Target
2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe
-
Size
412KB
-
MD5
c60b1e557f23093aae630b9a9aefbdb8
-
SHA1
f5b605e49a426a5215107ca21b66e30c4633cb22
-
SHA256
5269b3459fbc77a4efd0b470ac0dc536eac9fc96442d1b036d5baee49c72e84c
-
SHA512
15bc1cbfbcfe9b6c0401cca5f6433f7d0b4a03f813de220b6f5a03183534a03d83ef616277eec76639ec32da82e3014c88f90865b1556f5c7f0444d46f4831f3
-
SSDEEP
12288:U6PCrIc9kph5pB3uSKzvse0na9D3Fvkaw:U6QIcOh5psfQeQARk
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\66ED.tmp"C:\Users\Admin\AppData\Local\Temp\66ED.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe CE40A7F4EDE20230DF2575EADEB2814A718C52660344DB849E3D34CDD8ABBA7AFAA9BA7FAE6B57D52CBE391968FF7B5CB42BC51255293DF8C3038BCAE373CC7F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD50377d6c0fa416b0dcfcad37082727633
SHA1bc2d811ff367de449b05f6a0e01389d95282cf25
SHA2560cc2cb395d34e966825929f4ada9cc8b02b313f793becb485e2f30eedc7db566
SHA5121ba7784057839103a867bf519e1f801112d853347130ab1b62d54bb1d747eaeac26c1c5e6262899349ddc038de84482a1c2fd5d37f8ff0c5b73ca0c74dda18d2