Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
11-02-2024 20:42
General
-
Target
2024-02-11_d195fffab03e72a4d46f351cd78d4ea2_mafia.exe
-
Size
433KB
-
MD5
d195fffab03e72a4d46f351cd78d4ea2
-
SHA1
861bd0e30ef0f239452d4cb9152b54ee0d43f715
-
SHA256
1c6de9dff6c5ee545d06d72aef47fb23126c4aa6f55c2f461e9df21cf022e224
-
SHA512
ab920a172a99eae691c4c8dbe9bfb1767c6cda86aae6dac79559ea1ba775345dd9246dfaab6a20e368003e7264e2d496b04f062e8afb660c99ca0e49ccab445b
-
SSDEEP
12288:Ci4g+yU+0pAiv+tUeM1O424x3ITyScJyWxdn:Ci4gXn0pD+LH4rLysF
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-11_d195fffab03e72a4d46f351cd78d4ea2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-11_d195fffab03e72a4d46f351cd78d4ea2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3AFE.tmp"C:\Users\Admin\AppData\Local\Temp\3AFE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-11_d195fffab03e72a4d46f351cd78d4ea2_mafia.exe E528E722F4DEE69700600B2916561827662130F6B462BA415720A1E7EE8BF4FC000FC70DBBEFD616FFB0FB580C4839189D0C5F017E228518750159EC48E93EB42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5fad754aad0b2af8086f5cbb8b134c027
SHA1452462d8e88ee476cfa2ebae03ba1716b085d463
SHA25649a69b7e414b30edfb748efd5bc1a45294add61272d4e3059936808804fe1722
SHA512c4022ff6157f44166dd942dabf4dd555c9b1baf350b96d101bb8d56cab8b73f234a0e811cdd1bb3518b8922e0c071036fe05e7ee5b472297b797117ecce9e12c