Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
27-03-2024 20:40
General
-
Target
2024-03-27_97e1762b4df813b8ddfdebf032c8b855_mafia.exe
-
Size
411KB
-
MD5
97e1762b4df813b8ddfdebf032c8b855
-
SHA1
ef414a425a1284d38c9142d214e4566608efb3a8
-
SHA256
1fa5c1c87fde8bb22b66119700bae759850610211613467da38b6edbeca52549
-
SHA512
67303d6bdc59b74ac0e45f24fc336f22ea87a601d78d5a2987f3341a84ab4829101f3145be71e2495497d5a5a49a7479273937d4175262868f2edf05d86ddd9d
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFkvXCbug5EdHMYshEEcau+2NRbvpPJVqHI:gZLolhNVyEDyoMHhbu+ylJVqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_97e1762b4df813b8ddfdebf032c8b855_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_97e1762b4df813b8ddfdebf032c8b855_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\97AD.tmp"C:\Users\Admin\AppData\Local\Temp\97AD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-27_97e1762b4df813b8ddfdebf032c8b855_mafia.exe 532126E9B2D730882FE60709978BEEC6A887A81BC2DF47708E3038F65058AD8EC0BA60D2556B003AF3D3F8566FED2515F642DEB4C731A70FE6CFBC2F2018924B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD588a607c0b351475bf4e1aacf720be700
SHA1159b3d9fe99e40fc54dec4fee3073fed44301392
SHA2566cddac20c99df70fb05987afe44b8a414bc1599d2b1dea5a98001bea9d54cea3
SHA5125d5f658d75832021eb2a31114065d2b17c52c6c78314d94525d3947cf8f339ada971206276bf345b16109dfc32736711b2e36631da404bdc72017a69ad148610