Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22-04-2024 05:22
General
-
Target
2024-04-22_d23e1424b48b65de7f11113a67b72399_mafia.exe
-
Size
411KB
-
MD5
d23e1424b48b65de7f11113a67b72399
-
SHA1
b09f5b06665a564a37edece444cbb98c03a7ab37
-
SHA256
4de9d9f68fdff0ce0bb2de021bef4e81c7cd1cac0eb369317083c7a6b38c75d5
-
SHA512
fd075dffc2b29e52c117b49016c405b3e84429932dd0530c695060f973d957ff8f066acf7ff6ba0d87dd12bfa6807b0049cf580221b77c81ebac264e0081eb7b
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFQQeCPBuhTc9kdmpql4ulM95QRIVqHI:gZLolhNVyEMEtcHA29aIVqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-22_d23e1424b48b65de7f11113a67b72399_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-22_d23e1424b48b65de7f11113a67b72399_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1851.tmp"C:\Users\Admin\AppData\Local\Temp\1851.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-22_d23e1424b48b65de7f11113a67b72399_mafia.exe C2B8E96DCDD1801321E05A0E56336DD547198410D9F22EEF6D108E9B02ACA35AB0A3202CF0B60498170BDE5A63F4D518537F8B1848444A9BEEBE742C28C13DDA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5009cf63850ef25951bdb5e651f36281d
SHA1e95b7c67e0a0ff7d4d36a52c0140238f31c664f8
SHA256139fe71e1a225859013ee6ea05492e6a51ca3235064a3064012d21d63dafdd51
SHA512db16319df25490387571329bf7c84f070632744a1d90d145fea0b10de7a063674a5d2b15c7bc52a554b6c30167c0e401a6211f40e08b4ecd03e81a4d7e27dabb