Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
13/03/2024, 02:49
General
-
Target
2024-03-13_ff77a8061474dd5d1135cfffa7c12329_mafia.exe
-
Size
411KB
-
MD5
ff77a8061474dd5d1135cfffa7c12329
-
SHA1
c7b65aedc4edfd55a39e4d05d1703db72df4a0e6
-
SHA256
caf0931d0b3b5a81629e839c382b8835228c4c8d53cdababf7d2503bfb49620c
-
SHA512
abd54b987f703f9d4359356c18094418abcdbbf4778408b9efbc52482de86020408ff86b54f8ae20d9411396a44f6d5e23ecc84c2da2f745d21d350dd080f01d
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF/9S2KWjui7WuWwSrrCSQYMh0ussjG8l4tt/O9qHI:gZLolhNVyEyVCvwevMhcsjNwt2qHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-13_ff77a8061474dd5d1135cfffa7c12329_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-13_ff77a8061474dd5d1135cfffa7c12329_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\77BF.tmp"C:\Users\Admin\AppData\Local\Temp\77BF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-13_ff77a8061474dd5d1135cfffa7c12329_mafia.exe EABC456ED6E7EE8FEF014B1AFB7502EC3B27B964D651C4CEDCADAF813042B46979AF89F720C6B6DBEB12B0B3E7C2883F0D9D3D0B04C973FF35F95E6C9E3EC9672⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD53a2cdefb32ffc330ccc12403a50268e5
SHA13c6a5c170284195560724d06b0256040b38ce8f2
SHA256772146088bdfca2612e06422c0e79849ed04822c42e881b123a5614ffe8687d7
SHA5121eae2214659de885e3a428aee09c715300201759f65676bbdeba52672a91dbde2f27a52639dd0e39656bfffba995a069b0fe35cf796716bb20ce996227dc79ec