Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
28/03/2024, 20:58
General
-
Target
2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe
-
Size
412KB
-
MD5
da3b3335b722d31a97d243b5cb0fa67e
-
SHA1
b53779714959d76e01b80972abf025efaf7ab918
-
SHA256
4fbcf094cfd8d6d1aa856981c8039039468455f0a51fd66c4d1335294da1e9f9
-
SHA512
4bdb55363f70e4153706671356dc0bdaccb3a9fe6e32783b477f3e2affd000095330b651075d206ce8afc97f830f771b7a08bfe322492beef15acbdf9e5bad0a
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnPQBDQ1FGC1vFbJ5gS69j1qWfFkUTuUP:U6PCrIc9kph5RQBQL1n5glj1HuU
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1C09.tmp"C:\Users\Admin\AppData\Local\Temp\1C09.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-28_da3b3335b722d31a97d243b5cb0fa67e_mafia.exe FD3B367065866F2F83723A9301DC9BE0E94B456FA09B67CA4E667B93F68D3E37BFE02896E380EC56BE649CA591EABA6F1014D37ACE6948956F1B54D0638233BA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5fc768c1fa586ab6e17a2a8198786be48
SHA13cfdf2c3cebeb0a5f43abbb436cd36351169b79c
SHA25625f5d7aee684b11dafe9d0db8e9bba2e644864d42c6ab746a2f57d6633267b67
SHA512d98c2e30fab1428375bd0402e717d50af91abe2f46f0fab3b9101efba6c4b8386215806052d78536d55442b7a709cf05058e5f13109e3d564e514674391a87a1