Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
11/02/2024, 13:30
General
-
Target
2024-02-11_4c018b92038db1dd1b948762137e2473_mafia.exe
-
Size
468KB
-
MD5
4c018b92038db1dd1b948762137e2473
-
SHA1
61b86f66024710d43cef4439567558e4ce637407
-
SHA256
bb609988d7e6bd049580d585db9f360528c65199ab3c8fcbe304764dbf7ae784
-
SHA512
73e0829a8e6b521421c7fb9c1d2c994f3d9cc393c847733dd7413f5420266e00e56c77d214abd030e2b7388d433b74312def0bd9eecadd6d2f5dbb5c0ceaa3ef
-
SSDEEP
12288:qO4rfItL8HGPfs5QEfCA3M+1f35AA5BG7bWmeEVGL:qO4rQtGGP+M+V3aA5AumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-11_4c018b92038db1dd1b948762137e2473_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-11_4c018b92038db1dd1b948762137e2473_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\43C4.tmp"C:\Users\Admin\AppData\Local\Temp\43C4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-11_4c018b92038db1dd1b948762137e2473_mafia.exe 8D6DE094DFD6AB36F238E8BF3A7F6EE490EF98933413794488595A766420177A1B3CD76323914E3F4C605FB569C8BE6700DFB02A7C170618635BA5F4C6C39C242⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD521cfad053b012fba46f0ac33668e147b
SHA125924b1360e4ab6d102d1feddb25c6d2755287c3
SHA2567eeb6f359bec0cb1d56e06b5cf45b5d4d42ccaa068ae6a021a02e3d84b77190c
SHA5123efdad9369d032b46fb20bc3238d40d503287edb791692d5e07082bec345e5833b8e91add3b8a702de7cf1f7a45b632d1902c2a679b2612b4514c45866966678