Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
03/02/2024, 01:27
General
-
Target
2024-02-03_8f7c2e5da7b7a6a2f0bd3cfe38f01e85_mafia.exe
-
Size
476KB
-
MD5
8f7c2e5da7b7a6a2f0bd3cfe38f01e85
-
SHA1
1836109d605c9584245d276eb32e136c778b3baa
-
SHA256
9274051db7454d52996759646f048a501cfa8a72173d95e426e065f39dea5768
-
SHA512
043b543efb1e4f6206ad88ac3c4e9f46357d83e3e9b6f0043a7c2e0d90718a810b9e67d13dc31d079f38a1f9c057aa370e236d81bb3bf20ce87ea4252037da98
-
SSDEEP
12288:aO4rfItL8HR2vGc8at0OuJKl8vNyRVp8A37K9wlsDpVFd:aO4rQtGR2lxy4pj+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_8f7c2e5da7b7a6a2f0bd3cfe38f01e85_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_8f7c2e5da7b7a6a2f0bd3cfe38f01e85_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\67F7.tmp"C:\Users\Admin\AppData\Local\Temp\67F7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-03_8f7c2e5da7b7a6a2f0bd3cfe38f01e85_mafia.exe 5ECD64C114ED9C2EC50F17994378CE1C294738FECFB1B27B849590545B25C7E0601E7AA970C4E19282E01C14A8CE80C6A99ACE2F7FD82C0143488027AD8715A32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD563c1991567bcfab73133f8d1c682a087
SHA11f3bfba5bf3fcaef62ca4d68b8218a157249d121
SHA256a6f11ac9fb3e8466b7f5776575b02f1a8d7c8c14384e6f71089a5ccfdcf15b7a
SHA512858902ae5ad58011b953be70249c0d1a2b03a67b6528aadfa923c8b895a9cfb18ba3370aff15423c17b68b77720cc123ed2f7bb07b005af80f60c1e341b585ed