Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
03/02/2024, 09:24
General
-
Target
2024-02-03_27eae760e3edf2d4425b54b0650d974a_mafia.exe
-
Size
414KB
-
MD5
27eae760e3edf2d4425b54b0650d974a
-
SHA1
9d5fa1f881f28117dedc9d230e91472acb963cd0
-
SHA256
d41e657181a79cf6b1ac73517bd790933be085b1b280e9b73a2c8c93b43f9010
-
SHA512
f2812c07f9009d28019fb7f5c8f5c0238bdc0c33eab944a8bffac4766398a5d057bd737817d6dbacbe5d3786379122293358c2d84874c306c1cf6b551b657bfc
-
SSDEEP
12288:Wq4w/ekieZgU6FpTT4x34NxdajgHjo1wT3Sqal:Wq4w/ekieH6Fid4k0DoaSz
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_27eae760e3edf2d4425b54b0650d974a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_27eae760e3edf2d4425b54b0650d974a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\140D.tmp"C:\Users\Admin\AppData\Local\Temp\140D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-03_27eae760e3edf2d4425b54b0650d974a_mafia.exe 0C3DDFB1D0B6E862F0013545D6EBAFF0EC678988F5645FC12D91063B07DB9D42574761265D0834C19594FACFB620EBA0DF24DC07F51F8B4879D7FBDD01E84BAA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5a5d83072b0a32c2b544cabf75a3abd98
SHA192233c7049bf548b36b3bf3c367cff9150b384d0
SHA256e35b272b86cebbec4dc0a66dc98043bd7213964743ce37c5595125cee160b1c9
SHA512596155244b701f5fddf7e487ffd1cbb75d8adcd6bfd2823848f994871de6eda55070e09abf25c8a8c551d644ff7ab029dac661840be49b58472ad6d827a0cbe2