Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
05-03-2024 18:39
General
-
Target
2024-03-05_d7125f11bfca3d89dcea630ddb46fe5d_mafia.exe
-
Size
411KB
-
MD5
d7125f11bfca3d89dcea630ddb46fe5d
-
SHA1
cfd1eb37cf22b942589fa72fc9942923f1b3a458
-
SHA256
bd3c3ee79dd343dce0ffa4b08c130fa8915702937192a3edd8ff5023b5cb5398
-
SHA512
b187420b835b60d81636b9beee9ed6c2614f396ee09c66291f5c4416b63e36b636b622ff45aedb255198a7a8b917bc88c27c07bd4e8bf06886991de91a64d00e
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFGjIQtGHNue4DR1+0fFC8b1gsUhqHI:gZLolhNVyELs2w86ab1aqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_d7125f11bfca3d89dcea630ddb46fe5d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_d7125f11bfca3d89dcea630ddb46fe5d_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8F25.tmp"C:\Users\Admin\AppData\Local\Temp\8F25.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-05_d7125f11bfca3d89dcea630ddb46fe5d_mafia.exe 8B0440C99CACBBC311C1F54CE42E10C763062CECDB24C24503DD26CB772E960679926F642D7C1A18A67DAAE3B48070C093E3C6A47ADE68C005C83989696E919F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD51b5eac8f5deb544b2221fadbdbe16cb7
SHA164b627a05617f8acf095e2888f98193bad2aa982
SHA2562236fc77006be1ef21cab82bdacf17f5d0515649cab1c92d3bb7503695bf3147
SHA512508117cf29e67e30ffb736a2c7f6ed15ef98482021dd1dcc9c22ee8b59e567eeeb1891983a4ad4a6e3c85796d049856c9a61b7d49b72d211c5d0c23dbac78cc5