Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
18-03-2024 18:25
General
-
Target
2024-03-18_113ba44966c2011224dedf6ee57ea71a_mafia.exe
-
Size
428KB
-
MD5
113ba44966c2011224dedf6ee57ea71a
-
SHA1
352b6c1e08cf149d248af510869a66f05f49d129
-
SHA256
5792b8581b0b10156c41f4fcd5e6f4c82ecfd0439edc8e945ec9faa47215b50f
-
SHA512
6843b19bb739303ecad2205daacca53b6660c803dd73212c51aa314c3b4488615d7cca1e61f54e587551485a0386fac93d79d349bf8e774e469c9a46c2a609d0
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFGfu6h0Qm2vqNMuFZOoAWLJX92texQ6qHR:gZLolhNVyEPdhnvqSSO8L5otOqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_113ba44966c2011224dedf6ee57ea71a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_113ba44966c2011224dedf6ee57ea71a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3C07.tmp"C:\Users\Admin\AppData\Local\Temp\3C07.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-18_113ba44966c2011224dedf6ee57ea71a_mafia.exe EED7C28411BC3DC8A3F7B124A52C16E93D24BD4C920B773BC2DFD601C925E80ACA54FC4A7CA683A496043DFD2698341047866D9D34FCF9C94C0E89D986F1B43B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5fc71111d4b61887bf0b789ecdd9f3bb6
SHA14340ae48ae693b580fbcce180aa90ab3511b3138
SHA2560f2b2a7b4ddfdf2cef880896e886efba9a4a7c424bb7b2f78378a90ece0a5b11
SHA512d419f05aba46b4d812bd9d807edd3c0029d0634aa2948ef39800bc91548a1f08f97f0f9d7191136d15113a56fa91a97e92726409fc7d5a9476d613935c6d66b1