Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
07/03/2024, 06:30
General
-
Target
2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe
-
Size
412KB
-
MD5
72b68b5cb885b65d08d2cfaed5a378bb
-
SHA1
3d40c1d8ed9afd64ef5b9b642b8e10c1822a5046
-
SHA256
5af82e0db910d15a64a60401208332e168096ab3fb43c2aefebb2cddb06504e9
-
SHA512
ece6c556d3cd7e8516379811c4a40634d623c4b62b80260ddfd184bdcf5e5deaa8bd1ea0230033d6d2388d7b42907affb334a901ed53b0d65221f5081edfa3fb
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnzznc9ko1kqWnnAE7n1qi73jwJbsP:U6PCrIc9kph55znn9qWnnAkvUC
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\27DB.tmp"C:\Users\Admin\AppData\Local\Temp\27DB.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe D7FD600F356DC1DAD34326F44326661204F018CAB1660DBEC998F1F3174A25955BA9B530C43F45A095F63F9873422149E739A8A812AFB1F5133256CA5F88E3052⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD537d3f57b7dedefec1cd02a17fd970bc4
SHA13d988216d196fbe1a17279d5d1ae0787e20d9c13
SHA256da87d5454312f4bcb9f0f46f5d279b1f3def0f1710e0de1af44ac4b9b185377c
SHA512f6ffb9a240d62ea2c722acef6306c07613ab9504eb20447d9a682858e72aac5c0806a7212b7ead8a1f465bba3a622a7f4eb7ea041ee8309867c8b29b4287273a