Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
02-02-2024 15:39
General
-
Target
2024-02-02_f8f2eae320035052600e4b560f56c8d3_mafia.exe
-
Size
468KB
-
MD5
f8f2eae320035052600e4b560f56c8d3
-
SHA1
853196982f0924c058ef7b159e67937937ab1db2
-
SHA256
f646a1287b8e9ff77fb740ce2783865cda708c64f4881cb2ceca1ad61adf5d8e
-
SHA512
245fb0ee23ae7aa593544180fef3b07bd56957b80de6c73507d565ff3ab7bc6fd2a4406294feed7412153c8489512ea901ca81977e807ac3e3692c79b1086543
-
SSDEEP
12288:qO4rfItL8HGwVeIkiCDUBv86PG80zJAxqIb/VfE7bWmeEVGL:qO4rQtGGkeXUl82G8oS/V8umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-02_f8f2eae320035052600e4b560f56c8d3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-02_f8f2eae320035052600e4b560f56c8d3_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1777.tmp"C:\Users\Admin\AppData\Local\Temp\1777.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-02_f8f2eae320035052600e4b560f56c8d3_mafia.exe 6B4F29B8A11F05024E64C46147784C109E3D5AF6A9B72915706F25084DACDCEF7747212408F7E7B38788D9DD21293C8DBF09CA4ACD1A230719201EEF267985E72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD58a55010d1730a387546dbf5744ba5ffd
SHA11255c3cd47b32cca774a212ef66f3c1207bd742a
SHA256d9b865eaa788f3c1a790f9b918e72dbb677164ce4e3b5f35a10f21aea67d6084
SHA5122a9a2dda3a6c5749278044af58d49ec4152fc1f6142a42ad33274dd9be999b4a8a67a941b92a36c0c43e0b66881bdcb14e74ccff1b5abfe41709e32ddfea8781