Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
11/02/2024, 17:27
General
-
Target
2024-02-11_2841fe721b8fd8273d7df257195547bf_mafia.exe
-
Size
414KB
-
MD5
2841fe721b8fd8273d7df257195547bf
-
SHA1
ac989f1ca13d7c893183405e74a01f6bd10746c0
-
SHA256
076335f57c10ac2a82f19aa8c04a7384e050cc20412aba74af34b82e146f5315
-
SHA512
5633aab4515cdabbddbc3771153c23a713f050e530328f242bbb09140c459c7a82400765e61f8784ec6e8fd9d79833e0ac6af6eaf845766612a567d89760be3a
-
SSDEEP
12288:Wq4w/ekieZgU6BU4yB0G38a83NunNy3QU+ul:Wq4w/ekieH6ylBRgNunK3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-11_2841fe721b8fd8273d7df257195547bf_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-11_2841fe721b8fd8273d7df257195547bf_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8A84.tmp"C:\Users\Admin\AppData\Local\Temp\8A84.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-11_2841fe721b8fd8273d7df257195547bf_mafia.exe 3563028BF0BE32D05035C27B7686A78911D268140F0EE155E594BE7DD0E3B514D17894EC18DA1420E1EF87F76FEB44ED782FEDEED8604647B706A630F89789A22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5ef57e8b6f9f864e64227377ad9e01b53
SHA1453fc25106669bfb3a7607a28b74b9cf82db86f6
SHA2568a2d6c1f190c8b8ee1260e1d676a1d76c383d6f9f6e6d92b036ae9df8883ecd5
SHA5126955c999a4eb9d9e7d14e100f0def7384da6ef63e7cfce6e5c1314a219b07c847b3d69b2b9e9713ddbdc7cdcb6b7dec51eb94da80ed82e169c1b2d74f2e94b0e