Analysis
-
max time kernel
121s -
max time network
133s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
15-03-2024 19:53
General
-
Target
2024-03-15_e8570d5d1cbfa4d9232a1b4a9601c8c1_mafia.exe
-
Size
411KB
-
MD5
e8570d5d1cbfa4d9232a1b4a9601c8c1
-
SHA1
8157da350dc8720f9bbb5ffb5e9ca9a79e6a5d04
-
SHA256
ba775e803be7369db3d21cec96bc84b2d6f2dd24ed6ab41e5e2ad76863ba59fa
-
SHA512
d831c00b679fca4fd0bade6c33029ec3f33444b3b129b774cc1d4ef4f1f82ddd9bb8e5e610970811b2daf257a02972863b96c04beac5d8ad6a24870209eb4d13
-
SSDEEP
12288:gZLolhNVyEZMc+3KQKTu350CnKUbXmqH:gZqhOE6B6xTS5H7b
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_e8570d5d1cbfa4d9232a1b4a9601c8c1_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_e8570d5d1cbfa4d9232a1b4a9601c8c1_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\739A.tmp"C:\Users\Admin\AppData\Local\Temp\739A.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-15_e8570d5d1cbfa4d9232a1b4a9601c8c1_mafia.exe 251287B26F04E2A892DF50308B3895CD94531D245A7971C50050F44FFDD7D04B69E291B323E7748654064D519AE0F911C4F991AD4C962FF80D654F3BA02C31462⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5ecadd8149376a8c3f008c9d06242b385
SHA11c1a9073f1917f0f58193832ba4cc968bbc4bb4b
SHA25638e9e2b48c14395ab402b30fc117267d04b309aed876c297d3b3b4c2ff760e27
SHA512ca2b407c600ecb0ac82387d3ddc608da46f8186fc360ddc9530caeaa88d50fb85495f2eea7635311c9385f94122907349f280e4d342ce253f40ced7ff377b82a