Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
04/02/2024, 08:32
General
-
Target
2024-02-04_b3162e315e00b8734387593da0386672_mafia.exe
-
Size
476KB
-
MD5
b3162e315e00b8734387593da0386672
-
SHA1
19f26355ad2561bf6784e5f66a39634e5a7bdd0e
-
SHA256
abcb74a41a783080fed05d9ce055c780b3f062c44b088e31fb60dd7b38b66e12
-
SHA512
ee45e90adcbea5fb20166277ad5f875533955e64b498fd4914461900ecf383ac35a76b386fb95cb8f5cf79924d8f3b370d42037bcacc2093a2861ee374f2d597
-
SSDEEP
12288:aO4rfItL8HRZwvN2RJCQlBAPvi5kw3uuX17K9wlsDpVFd:aO4rQtGRmvmJlBAPmk0X1+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-04_b3162e315e00b8734387593da0386672_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-04_b3162e315e00b8734387593da0386672_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3775.tmp"C:\Users\Admin\AppData\Local\Temp\3775.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-04_b3162e315e00b8734387593da0386672_mafia.exe 078D14163557A346B8836FF9BBA80976ADEC7F84C39E46864FB60A16DD0D3F099EA9F4131EDA3B48488B4B3FDC41E2D613618EDAEEAFFF431D44127C626156172⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD51d40a32919e12d93e35a28bcc46f4d3b
SHA1044399065b33a89cb155b12c2ef1449d34b4c2dd
SHA2564cc5e49a366e868cdec06357be8eaa8e54915ce60be25007d3ad48239d02f43e
SHA512a6885c575fe3d33358db8763bd367e7fb06521d17642c9d9c5c9195c023f34bd60c5278c2e8711e393d24c8372ca14eb84dc7b08d6355dc77e52c492e131ae58