Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
16/04/2024, 13:48
General
-
Target
2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe
-
Size
413KB
-
MD5
5e180d5327fbafe9059fb3c791fe9a77
-
SHA1
5aea38ac8eb1bf15fb567480f8bca88d9c3f1e68
-
SHA256
057ae3b998a657ea79e2462f0ad615cc2060634ee2c3e020cc00f07a3a69fc59
-
SHA512
1d2b68587f31c12f80b19b649c4dc35c3e4d31a9ccd678ec725ed15b14b594db7d175e6e5c42911cae6e2f99c458e87bbcad6179b2f508f2166594f9ca065b24
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFS4y4sckcGykVnXfXpQjI10RzKBdqHg:gZLolhNVyEwyqk5zVXPKk10RMqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8611.tmp"C:\Users\Admin\AppData\Local\Temp\8611.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-16_5e180d5327fbafe9059fb3c791fe9a77_mafia.exe BBAF5C07A780816159D414B2E4A2388D5CB50B0CB48E8558BE4E095B2FC56D249A9F15BC54C861818D15ED78D2454DEAA2267A4686CA054DF10B62E5C84AD4E22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD515a2fd68700b395f4c94eb995666c796
SHA15c902d20c89b739843d2d5967b0c0d3379bb487f
SHA256f6ea12fc29c466ae727f635f15811ae129212e44c721fe7073050ca109c10785
SHA512d3802f172c56f2cd980735d132b65eff44a62d5a25b56b02da8a34bb4ccc430b436cc17afe68b14d613fc2895530c03f451804ac001375eb4bea29400f1143a9