Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
16-05-2024 20:53
General
-
Target
2024-05-16_be2f8bada2175d4a1d4f3df70bbf93a2_mafia.exe
-
Size
526KB
-
MD5
be2f8bada2175d4a1d4f3df70bbf93a2
-
SHA1
75e7d5de26301d0c8534afc9aa4fe6ced76d32cc
-
SHA256
b025383f48719ec12b83487f1fc81dc2a79be86c9017ebf7b5d20695351aef8b
-
SHA512
1c36afd155e3ad01344c09525d670a43d702d882e879bf4ca3b741973033f9639f34c415125f34e3c676ab05e3b8426d32c11742691900ab0326fbd52487ac5d
-
SSDEEP
12288:z6PCrIc9kph57Qi/0Md4dxsG52b/IoHPoz6Rkz:z6QIcOh5Ei7OB52b/BHi/
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-16_be2f8bada2175d4a1d4f3df70bbf93a2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-16_be2f8bada2175d4a1d4f3df70bbf93a2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1536.tmp"C:\Users\Admin\AppData\Local\Temp\1536.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-16_be2f8bada2175d4a1d4f3df70bbf93a2_mafia.exe 480258FB0C0D2BB341BAD38D3A2B79BA7F968BB3E77CBFBFD87383BD41B8CF3188A3A458D301244241B7513825004DD0E3EF210ACE1D08E2EFF282FDEEC052AE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
526KB
MD5d320fc30ee0b487cb552a200c42e027a
SHA108fa2db542d8013520a137c55c2c981c30a3c2fa
SHA25611869948f8cad10a1d302f06dd7535ce25837ace2b7d25a59616d617925393bd
SHA512e2fb630ec17673898549b476485308db63b98f3990b6b16b0e1b633a245f6c98e915535aacc61423cdea0febaf854dfac7a16ce38af84c2fbec30b8b26826df5