Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
17-04-2024 15:29
General
-
Target
2024-04-17_35c79a727e33363b023a84a210cf33e8_mafia.exe
-
Size
411KB
-
MD5
35c79a727e33363b023a84a210cf33e8
-
SHA1
d61819c91bb06d3ea38b7802ec5da4068bd7b46d
-
SHA256
d2e8e9529cfbd5d3164a6617d3b85e94dc45a65f708f878a01baba889362540e
-
SHA512
828208a9a5e9e2de27725e1084768d71073bf4d1452687e8a64e4345e9bf3a1a0251c8959ad5446aadb437b23900c1d42afb0c2e965d1035b7921e026cba5072
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFaZ6SB5cyi4+vZnVL3JhuFqH:gZLolhNVyEvB5cyizvjZhaqH
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-17_35c79a727e33363b023a84a210cf33e8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-17_35c79a727e33363b023a84a210cf33e8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3CC2.tmp"C:\Users\Admin\AppData\Local\Temp\3CC2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-17_35c79a727e33363b023a84a210cf33e8_mafia.exe 9A4F5431B226A2838081198806F4030491DFC6E8BDC7FE2CEF1DD3CEA23DCABB73C81432E673B9FEC92DA8213A7059326401C3189C6176B033CCF1DD653940F02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5a4d86d6a5c951518ddf06ee8aeb1f154
SHA118b7d5ec627459c39ba3fea8726550f0051a1954
SHA2561d034c8a3c3c6de343d7fb61aa23a8241598d7b7fca0f8db7df5a8243d2a3d37
SHA5128264fae73d7ef8d9b7bf88e3f28ece8e214c91fbf2dc9a6fb165d11aed16a1f2865d0d6e2c3b945b40ce35e7c800a76f589f4be8d374a644b28eaf8c3f07acbd