Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22-04-2024 16:50
General
-
Target
2024-04-22_c2e7539254ad31c2b62da3144e5558c6_mafia.exe
-
Size
428KB
-
MD5
c2e7539254ad31c2b62da3144e5558c6
-
SHA1
b9c1cfeb286f5ede6d4ae8cfe33c4d25b169d101
-
SHA256
a5354d498f0b4904c129a5ce8a018a73b72c52a0c800856fbead2752305e3a8a
-
SHA512
d57ace2c403f396d6d63248cbd38df41fa4230c22c4506a2ea962571b2cff1ce18f060b40f00de123af5f0a5a171040be7b671293851e3f6116826d176f01ba9
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFeLSbWki2Ee4JDP/KH6282xZbbQvDrVk6qHR:gZLolhNVyEDSQe4JD3i692xZOFvqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-22_c2e7539254ad31c2b62da3144e5558c6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-22_c2e7539254ad31c2b62da3144e5558c6_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8749.tmp"C:\Users\Admin\AppData\Local\Temp\8749.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-22_c2e7539254ad31c2b62da3144e5558c6_mafia.exe 4BF18D4C985BF32B94028E90660BC645235B6251D686A104F4AF2209CE34D6BFF4906AFED6ACA8012AEF4C4719726065634FA4549A4362069212027E8466AD342⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD56d9538f0e1b50b86e47e787b712882cd
SHA1a799f6ec0291185cdc126783f7d8358cbb5dfe91
SHA256f42e9b41f5c34b639f5549e8361486ce6f2357ffdc4a1c23ed28ee176c2c11bb
SHA51269089a2c922eacad369a19dc1b865a55fc2fbd12990a66c89d51584a8062480d1ec7e317910c435e960b73cc1f419a5242218778eaa4da0f787174b68aa90f1f