Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
04-04-2024 22:24
General
-
Target
2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe
-
Size
412KB
-
MD5
23ed6ce043d41cb586caa574f241e58c
-
SHA1
062306e86c41e0750fa71ca31cce186b0d8f4b16
-
SHA256
2c13c61898e1524b957537318b7910550fde1e557aabaf3637d3191c681c838d
-
SHA512
7a9581cbbf2466d1947eaa2fbb5209e6dfbdaa54da6eb3d0a2cf3ab9cd25c11ec8f828907d48d9ca153c7ddea2efdd8094b647a8bdedec403ff2290dc521f1d4
-
SSDEEP
12288:U6PCrIc9kph5DD54vnzPVA9prhzOfTx2prkPT:U6QIcOh5qfzPVA9pdzOgrk
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C40.tmp"C:\Users\Admin\AppData\Local\Temp\C40.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe 780097F208F22576392232770E80646126EB6F87316CFFB404B5BBFE80115B1D7FD372054DA949BF4BADE02C3F73205CBBBAEA5A0C1A4D47C48C35D26A5C8BF42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD588f3c4569b5f316dcbd3464e8c978ab5
SHA165eb6aed38676cb66613460567029b1a155d324a
SHA2567d228d3faf64238a67d294ff66ed602fcb512d0fe1cc00229513707dba2effe8
SHA5122c02cac36beba8b9e7bb3cb45dd1fd18bfbd9c3a68d431259873ad2e32597ac35eb2113c93d0ad53acc7ac4a6b198276761accf9795947a912c834a45495ac9f