eb03362c2c4bb69519631ca245272240ce521f7e387b0e5c4b1cab3bf1392b2c

Analysis

max time kernel
119s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
03/02/2024, 19:32

Target

2024-02-03_adf94e922f4a23a3bbe19c60b832563a_mafia.exe
Size

486KB
MD5

adf94e922f4a23a3bbe19c60b832563a
SHA1

acf81b6f917490f5c678060b4be45daf4d33de0d
SHA256

eb03362c2c4bb69519631ca245272240ce521f7e387b0e5c4b1cab3bf1392b2c
SHA512

c8f5313bdbe470ec6644a283e07032fc2289ebe96367396ec0af02d0ef24b1a7f5217e5dce8dc98719946c81d9b9390f9e13b849341755a69ab5281454c7a397
SSDEEP

12288:3O4rfItL8HPvpGhj2S2e0Sds2b1bk02Okg1hGk7rKxUYXhW:3O4rQtGPvpGwBQdv1V2Dk3KxUYXhW

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2044	4DE2.tmp

Executes dropped EXE 1 IoCs

pid	Process
2044	4DE2.tmp

Loads dropped DLL 1 IoCs

pid	Process
1936	2024-02-03_adf94e922f4a23a3bbe19c60b832563a_mafia.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1936 wrote to memory of 2044	1936	2024-02-03_adf94e922f4a23a3bbe19c60b832563a_mafia.exe	28
PID 1936 wrote to memory of 2044	1936	2024-02-03_adf94e922f4a23a3bbe19c60b832563a_mafia.exe	28
PID 1936 wrote to memory of 2044	1936	2024-02-03_adf94e922f4a23a3bbe19c60b832563a_mafia.exe	28
PID 1936 wrote to memory of 2044	1936	2024-02-03_adf94e922f4a23a3bbe19c60b832563a_mafia.exe	28

\Users\Admin\AppData\Local\Temp\4DE2.tmp

Filesize
486KB

MD5
1125ec748e939285342f78d39c87628b

SHA1
f85e30628646032b0cf39164913822c698953ad9

SHA256
64e6c0c45f30a7d5a1cd5b34e75b7b229f80e62ca3abec857b25d2fd895b9773

SHA512
252dfd520656103cc2908e2395a30981b27ca209c84042c1ecdd967a7a7adfe71035e1b77455c6ccb9e26f99460dd19b978f7437de7b4a87004e04b0bc8b829f

Download Submit