Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240319-en -
resource tags
-
submitted
18-04-2024 05:44
General
-
Target
2024-04-18_c05d6099dcbcae7fb37a0898539c314f_mafia.exe
-
Size
384KB
-
MD5
c05d6099dcbcae7fb37a0898539c314f
-
SHA1
3af9f6aae6eb7ef7f35ccd4841fe945108a4c31d
-
SHA256
78d7112610285bff78750e3aaef8dcb18546a1b70a3a59be6846cabe3d580637
-
SHA512
233f62a322279f674c265b96e94eccca03a96744759d94d3e340065f20ac5d34c103012c46724d90d48502dd031db8c9184b09b1cc2d08939095cc462aa936f4
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHxlKRDnxe5CPfZqStyAsKQBZKBvH545S8Z:Zm48gODxbz5Cnx/PfVy/KQju54E8Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-18_c05d6099dcbcae7fb37a0898539c314f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-18_c05d6099dcbcae7fb37a0898539c314f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5CFE.tmp"C:\Users\Admin\AppData\Local\Temp\5CFE.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-18_c05d6099dcbcae7fb37a0898539c314f_mafia.exe 47EFCCD5D62B00C44462D37733275092B0D3502F7647179B0CC9693CE4FF25C33AA38ADA84020573B49FED2AF0ACD8D88451BCDCEBDD88594F493551A2B2FDBF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5b3963058c9ab645e222dca2ff150e2b7
SHA1ba775d7768377dfcb31daaec34835f67a0c9efa2
SHA256345d50fc1709fe9789fc80ad626c9b389f265969aef7970e11af345f99f2a628
SHA5122b29cdf8def02b26f9aa6fe8fe17d0c8293a11e6291adc1fe6a0d9e0a0e4aea44aeaf7870e468af174a3ccb6294a508b2f0c0ff70a30d5056cab039fbc4d4aeb