Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21-04-2024 09:33
General
-
Target
2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe
-
Size
412KB
-
MD5
7b148defaabdcbd93d591c0128176036
-
SHA1
a0a8445823093770daceff8f7541ea5b9934a326
-
SHA256
c2f161fde0d96093b251d94384b4d88eb78f3c7f4e855876979852cb92bfbe4a
-
SHA512
f2b3954b9519f09a8f4a0df7b18aa97e02534bd22cac69526c8d9457fb3acc3d47866d88b413c3c0a2957c2e814cd19e3de23061fd006e7a58f2f324377ffeb8
-
SSDEEP
12288:U6PCrIc9kph5hRp0yh0f1BEpb+2qlKNI:U6QIcOh5nSyh01BM+2qlKN
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E24.tmp"C:\Users\Admin\AppData\Local\Temp\E24.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe E832050634122145BE88AEA74DD78F514FD7C7E964D05D141B7E48C7332ADBE943E211D9E7531F1D92F7D8A3AB66A5D686734854D35A0515DBBF6FA872135D612⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5bb8825ecdeee8bedd950bedd8898fe92
SHA1e756b0091e70cb79604281c010b8f7799ce8b8f2
SHA2569ba0a34bddfdb3f0d4369fc3baafdd0e89cfeaf42fe9a62eb005efc5b5b6f98a
SHA512452ee81478bab517d9e573995c84dfbecd9adf511e18f8a4b23761610b4372f06f5652667d1ccbfce6f3d22f9d90d09ddfe812f65c6bbccaf115bcf914b21c60