Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
17/04/2024, 21:35
General
-
Target
2024-04-17_2f5b0b769b9d29c25fe6bcc4be01dd77_mafia.exe
-
Size
412KB
-
MD5
2f5b0b769b9d29c25fe6bcc4be01dd77
-
SHA1
1fa60a9fda1422db35e1937817a54b2ea9b15d96
-
SHA256
3382a9056584b16df20ee3a03471f465ac954273a75ebca6c4e199613e14bc54
-
SHA512
e10b2adb6d3591d5cda9e62a3dcb84a53ec3667a1c2e21df221a74029dc01dba9dc6649959d309e4d8912dfb9d9e1e25a001b32ad3771654df5bffd4a776b06c
-
SSDEEP
12288:U6PCrIc9kph5LfkxBY+HrjMuIpOwT3z5:U6QIcOh56ZHr4pOMD
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-17_2f5b0b769b9d29c25fe6bcc4be01dd77_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-17_2f5b0b769b9d29c25fe6bcc4be01dd77_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1F34.tmp"C:\Users\Admin\AppData\Local\Temp\1F34.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-17_2f5b0b769b9d29c25fe6bcc4be01dd77_mafia.exe D29E1E12640E683B8A11798A36FD547A01A5785E40E5FCDD22ACEE7B8AADC40CCA0C83300E058F6D394E573FE4276334571C2512274DE5A8BCD330924418405F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD51b299ed3405268aba48a535d93955d9e
SHA16d1a0399b78f4ebc8384f33cedbd01a8a4221f23
SHA256ea2df45f1d984401aeb711ad3475bfe7e747a20107c58cda7568e48654957cae
SHA5122d3d5c231c2baf2383aedbd0daea12de2178b6583213c551633a944fe2e0aac8666f26cfe5b103065cee96122b5adc185ec10acc4d307cffcff19c3ce8768691