Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
13-03-2024 22:23
General
-
Target
2024-03-13_1c92191c236d0de48411200c27225bd5_mafia.exe
-
Size
428KB
-
MD5
1c92191c236d0de48411200c27225bd5
-
SHA1
773804053bf51b64562aeb1a4fa48a5e5bcf17b5
-
SHA256
716c7c755912cab866853f0e91fae5a58325eb597a3b1c48a8ce65dcd0072c13
-
SHA512
183d828990a8d4041c58a46cb246a760db169b1a7325079828d1a000bea4c25d803247e2ee43cb95c7c6cb06d805025c58c6da9cd65469a4b59b88fabdcbd7b7
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFnY8Hw0+ngvh+cOZx64DlyUU1sGMurS+2qHR:gZLolhNVyE0Hw09h2oVtH52qHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-13_1c92191c236d0de48411200c27225bd5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-13_1c92191c236d0de48411200c27225bd5_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\79F.tmp"C:\Users\Admin\AppData\Local\Temp\79F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-13_1c92191c236d0de48411200c27225bd5_mafia.exe 34EAC765E858F1B0AEEED6E9C06F6BF2FB7F91E866E73F16B5E7FC25A8D38CE0E660E247FC954EA1BC0FFF3409430446AE3E3FE1A952F8367EE9A8FE3F3F34882⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD51b6c3e2aa2765715eafffb1b6c72051d
SHA15a8e2d1492c5ce715bd9b45c0d2f937fabf90919
SHA2560e18017ddbb5ac30523a090ba22ee7b3682107152c9fa01d1d6f8abea2be9ad9
SHA512d98d09b4fe1514b79842fbb39925b7fc7eb4958d79546cfe6cf2cae28647e598a20a934cdaacb711e0660b2dd562d29134be12bba98d6be970d4bc9c07fafd9e