Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/04/2024, 21:52
General
-
Target
2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe
-
Size
384KB
-
MD5
fc19f0578f8a6c83582d5d8dc08b8155
-
SHA1
ed0ad50e1eb60ecc77a008ea30943ea87eec962c
-
SHA256
43ef7490342a7176107f9683c15593e9f74bf1b1c02d59552af6cb012fc7f903
-
SHA512
8a02b8133b540550fc1456989913f17923173ba61c99248182316ad5ed9082c0933612ea0b01709dfc80f817cad41efd3f8d5416f99616af6fe7b0e8b544479a
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHYSZT3QTr2JfKe6X8JCtkUYzqfIXvtiZ:Zm48gODxbzu+TA87QWCuUyqfIsZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2904.tmp"C:\Users\Admin\AppData\Local\Temp\2904.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe 893635A46F11E673B20C7005B790D755E446558BFE8C3D023227670423F09B54A45C0E024101AE87D9AF3F6CDE343AEFA73A4970558660C7D4827B0F913AD7272⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD544c0c5eae1e8b00d753ebed78d1e9b9a
SHA1946464d1c42329f7dd845866f01573858f5bcda1
SHA256df410e30e5183acebe3510ec97c411498f1f5e257f0c0a570340021e3ce88bcc
SHA512d2ff5ef06e8064f1b9b98581bf37a25377565667a45a7113ffa153dbc2b704fa96700a8b280e02bc5032107c712dae1bee9c144de29089e21bc750ec038963d1