Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
09-07-2024 07:03
General
-
Target
2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe
-
Size
428KB
-
MD5
ca9c3ca6b591d2211d3ee9fb9045246f
-
SHA1
5f48b0e17640eb85487ce7612903b5240b72f434
-
SHA256
8cbab6c99d64812499b921d74eb34f7b6d4d40ae3fbdacc11b2810a3d8defdb1
-
SHA512
8d143d164b7babb1de1708c0bd12d3f155052849ab6801fcf96fba163fde176406dc94f5a8fb4fb7de80199aedad8e3a285edb4fec10f1c365161f478e04dcf8
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF9xCH194MxWBPWIBGd6CTnU07TyRiMaqHR:gZLolhNVyEexGgMxWBeIGNJTyRiMaqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C043.tmp"C:\Users\Admin\AppData\Local\Temp\C043.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-07-09_ca9c3ca6b591d2211d3ee9fb9045246f_mafia.exe AECE1323D7CD68DDC83384CD4D83284646300C52A27A2CAC9F858E7AEF80AFC573AC1DF11D31708143202B3C93E822C9BAF39264DB58236E82EC51C55CAA63F72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5547195ed36f6c38952511d855515dc5e
SHA1dd35f7b65e04d4f4f8c0c20edfc0148fae6955de
SHA256c362ab2caa8be52e94e26430afcbbd036d448814cc752ac4b24300cca0d07aa2
SHA5129352ce2ecdc1f8ece4cf25a54a77e7edc712f085902b193111629f231a7c8c98dc1e2cec46a0bd164d7f4ac1a7ce77d6e11ce532ecd1bcf03484feba94593289