Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-02-2024 05:10
General
-
Target
2024-02-28_88f941bddcd8deffadbe8744e44895d3_mafia.exe
-
Size
384KB
-
MD5
88f941bddcd8deffadbe8744e44895d3
-
SHA1
308ba78e5b7bafd0c4799b6ec667889d36adbe1a
-
SHA256
6a01660c3577b31ea60eb02967e4215f7899755e1cba92dfb0679ba4827b8f35
-
SHA512
d8063acfab0999fae3d632edcae1498c9b66123aa106cef54d5db0eb91e38b7b709a0df09aa21a62d6201391c736ca4135f524112305512727a0d16fd6ba5e90
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHtWXfoudKOVyg3vMfxSJBxmEXsePyO2jGaQHzuZ:Zm48gODxbz6AuZm8VZXseaORTuZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_88f941bddcd8deffadbe8744e44895d3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_88f941bddcd8deffadbe8744e44895d3_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\51D8.tmp"C:\Users\Admin\AppData\Local\Temp\51D8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-28_88f941bddcd8deffadbe8744e44895d3_mafia.exe 812C4F9D85ED12B2EAC38C8AF182E6CC883ECE9400945A74405E3D259324262B1B4B8DB9F7CFA141AB716AF1A804EDC9B89FF1C4F1C2225CA3911175FB5514C62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5ca9e24a2e6bf71320bf02cc46b89f0a1
SHA1c44c3c8ff551b0862aaa5988482f37fef5f720a7
SHA256a30f6a0a844a1cb34f9b203c658ee4c94dc5a55a6ab37812fdb07fa4c257f500
SHA5123c6a8eb5003e7281135e4e197af68dbf6ee9d3c41add4659d60d1511b61be0fbb864576b12e50b5239ae0fb181a0bed31bf6a76d1a53fd1256a91f5fef033dd1