Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-03-2024 02:47
General
-
Target
2024-03-28_9d78bc1ef6bbbc2694fb7d1fb4b51a83_mafia.exe
-
Size
428KB
-
MD5
9d78bc1ef6bbbc2694fb7d1fb4b51a83
-
SHA1
2da7d0f4e2e30c2639c36f161b0c7532199bcd6c
-
SHA256
5af0b2b721f82780b569a9b528e5a33bec31a4a7f67d3c7a13265997bc6c7900
-
SHA512
899ad11f3162a43125ef983662547e590195103ebf884b15f2a196919660bc35d05f17178abafb739278cad8e3caf3664821794e1102a5427ca0de730e5da3fb
-
SSDEEP
12288:gZLolhNVyEZ4nyfyHk2IyENWL2kpmEDuwqHR:gZqhOEZu2mENWqrv
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_9d78bc1ef6bbbc2694fb7d1fb4b51a83_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_9d78bc1ef6bbbc2694fb7d1fb4b51a83_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2AC8.tmp"C:\Users\Admin\AppData\Local\Temp\2AC8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-28_9d78bc1ef6bbbc2694fb7d1fb4b51a83_mafia.exe C0A97EF8D067FDBE3BE02D901FAC6E7E2117D0C8EB12D30C589C922D21D5B18C779CF294AF91C2E8B8D6DBB6CF6C7E1F41CC7AC3C8E5C8BAF102012D379B78642⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5330d3d42ab3cebd8fa7e39198fa30367
SHA17fabc2317cc4818232c8810128f5a746904d51c9
SHA2560a37d33c2cd2deb25c064415fe3b66ac0915076ea647856c761cd9fe99f2ef77
SHA5129302cd5d1147c83a8e8f2c303b1a17b206291926bdff3f8951016d82ee09f20056cc575f5bacdc385d303ce766171cb284eb53ca1007fb8065b53940b28e5c2b