Analysis
-
max time kernel
121s -
max time network
129s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
08/03/2024, 13:27
General
-
Target
2024-03-08_1d547a12568a608c95a916be83e85c3a_mafia.exe
-
Size
428KB
-
MD5
1d547a12568a608c95a916be83e85c3a
-
SHA1
96edf7f1691f0dd3aa47016c603197a95e198c0c
-
SHA256
a26ea477f70c81be623338a3f0ad8ffc7a6d6672c74722fdae5adeace2d63bd7
-
SHA512
b841e48f6532542010df0278f0d4a1d4f555db2a443c1bc51ff1d573cfd7c913a4df52af84546a1585e13172d8c722d5f0eb285e3ced79080dbf446e9bf6104e
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFSyuqlpi8SB4iZoZx7hkhaGMbXlgx1VqHR:gZLolhNVyEae8S+nVkhvGXgTqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-08_1d547a12568a608c95a916be83e85c3a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-08_1d547a12568a608c95a916be83e85c3a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6A47.tmp"C:\Users\Admin\AppData\Local\Temp\6A47.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-08_1d547a12568a608c95a916be83e85c3a_mafia.exe 81905A44EADD87513D529AC9EFE46E585D830DC784D2C441BCA673A1245BCCF4F46B9C643110D3D5CE52A48408E5BB0D98E41BA36BDF5E360AD958809C63BE8C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5a011dc480201a08e4825ee64f52dd96d
SHA1482136a4b3fe27bb7002da86f000fe856133fa95
SHA256a584d610f14d36d837a17ac92dd32704656c51af37155414c969dc0df3600fd4
SHA51273481a664aee3010f22f54818d4494710ddb8ced0f94ded5c1db342fd64da1a328af9e1fa9b24f6cfe7e0862a39f62faddb051a338eccca0a399c1c04dfc58e0