Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
12-03-2024 14:34
General
-
Target
2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe
-
Size
384KB
-
MD5
68407baa69247833bb8f3f6063a73a83
-
SHA1
2a840b49f6402376a3cad5d8f6dc2f25b1b2ba48
-
SHA256
e8a4aa690fcd4ed677a1c41264957ca814261886a5662afaff8c47ef6b3b7772
-
SHA512
e345888353a8dc0acd53d1f3eb19b16701fa0f54533c077b791c1ee5db86cd7c2493da15318e58d8835ab3d5908f373df6e47e2038a78ee552512d7a5f22c317
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHfKpEUwoCF7Kel5pdwtPNKwfvoMCZ:Zm48gODxbzStwoCF/vwlNKwCZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\19D7.tmp"C:\Users\Admin\AppData\Local\Temp\19D7.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe F5DE9CD6D6CB57B05C937CA440792F44135F93B0D707B20B0F18920C44EBFA21B4CB1A9C2F4FEF232252B5D1F8E3F4CBB866FC6A7F751140A7E1BE88E31247962⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD53b27296d327f333dd684a734fb518fcb
SHA1a613e1a2a95ebd97edbb675dba0d5b61c76f026b
SHA256e7262969c095d8d5d1877c953b33b7260908c2f16cca290eabd3fdac72aeb9b3
SHA512e4f825f82ad1a5297abaa0d54f95e01feea917f46fa0d95a42765de68b69c4fa63a25b6b82b5e77eee65041f29f20ad0542859983c6e6d9ed2f2873630cf0e35