Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
16-03-2024 10:48
General
-
Target
2024-03-16_846071ca6ee579ca8584a12562592b46_mafia.exe
-
Size
412KB
-
MD5
846071ca6ee579ca8584a12562592b46
-
SHA1
443cd6417f69232cbfa2f23e72364be7b966c022
-
SHA256
fc2dfc4002cdb3f5f1494fe244e3e9925c1ce52479c8df2d2e5a7c18586408f5
-
SHA512
263fe053df61aa685252046a15f2529fb97190e11f3d92e84c7462cefe6b344a1436ea7aa91a342545eff9871d12bdf8f43be5d04874faa09ee865e175181174
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnL/0+FCDViixVLb7XebzkvLjgP:U6PCrIc9kph5J/0lxlbybzMj4
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-16_846071ca6ee579ca8584a12562592b46_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-16_846071ca6ee579ca8584a12562592b46_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\19F6.tmp"C:\Users\Admin\AppData\Local\Temp\19F6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-16_846071ca6ee579ca8584a12562592b46_mafia.exe 93EEA4890662EBDCBABD16CA5CDA354F033CC007145BF1A05044EBF91E68E1176744DE462C59C2AA3D88804C8411C6BB3189BFC18326C4020D5166C0C2ED6DD82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5025e1ff1a8eeffc369c1b014b7b6c287
SHA121d24fe16c155d9a6ac378bd313c84f88993ccd2
SHA256debc25b7d1243c47bd2bf38b2be101f348840e9d0f49d4740840caabf5c80b6a
SHA512ebd6df88686f04498ad8093d8eda2cf1fa1a8af14f5b8f606753528738ef7c60b979c95d0f29c608c087af8c670278d70b07dd8d7c977504c3bf648a4463d1c7