Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
10-03-2024 05:41
General
-
Target
2024-03-10_2c738dea3023117ee00b87078ca0189c_mafia.exe
-
Size
384KB
-
MD5
2c738dea3023117ee00b87078ca0189c
-
SHA1
f2de6f6a958f711df127220ab25fb11e470fe14a
-
SHA256
0d1c3f05db540328363572f8fb2828f3bc94048bbcc555f6ef16575904574c0f
-
SHA512
bab27043e856e5b86c83cc7b0db16fbda835d835cbf9b4f148b975cadfb2d4b89bcf8b4e41593837d5be6e028477ba89f5451b47efc724665b38493f821da6e1
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHo8e2fxPSHVU4OsuZw1Jlfj3k7bIuZZ:Zm48gODxbz7UVLOsuZw13fbYbRZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-10_2c738dea3023117ee00b87078ca0189c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-10_2c738dea3023117ee00b87078ca0189c_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A3E.tmp"C:\Users\Admin\AppData\Local\Temp\A3E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-10_2c738dea3023117ee00b87078ca0189c_mafia.exe 9F90F7AB447073572047FD67DAACFC426D727582CCAA12091C02C8EB79AC6F2D272BA42025812C00A745455E9530FA593956DEAEC8624F67A7F08BF9FC8E953A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD58ebf3610a5104d8cb324d10b76417907
SHA1e38e359b7b583d56b8771f03f480e64312ba95c7
SHA256d7f97a77333144de96191b14871bb1e4e929b4930c8aa17b0a987c330f0281da
SHA512c39b5ca11525007b2181662e30535e7f5d8858f353eccd2dab639e7447ea73c98c0269274c0d01efe2da129602a41dc4eac35a36b471d74de0f461a5dd5ed98b