Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12/02/2024, 15:26
General
-
Target
2024-02-12_25880486715e872733b60371f591dfd5_mafia.exe
-
Size
444KB
-
MD5
25880486715e872733b60371f591dfd5
-
SHA1
7f040f4f05706489d1b5ad829846a46b6094c16b
-
SHA256
4a773eeb58f48025cebc8043942e0b16400b4db58d308e79a8186a232cc3d9fa
-
SHA512
f92cd88be86fdb5a92767422b10de6c03be867ee8ddf3168bae82c598953af66f1c934f4e7bf9f580a02d414038f7c8f8b95487fbc2cf9c712908a5d0ec5f394
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iSttxLxoOAOFuOE+8iqto6IGCMNty5XxcKoRGJ:Nb4bZudi79LkloOAOF6mbPxoRc+JA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_25880486715e872733b60371f591dfd5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_25880486715e872733b60371f591dfd5_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3BD8.tmp"C:\Users\Admin\AppData\Local\Temp\3BD8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_25880486715e872733b60371f591dfd5_mafia.exe B93E5DBB325A8673CDA2D8DC3349A311C2730D6A346D01A6F840B0B187067163CB689AA656063D8C57D0E2D070AB14C7828213554446499D392DCCDF2C36847F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD552ae8cac22a02a701fb09b131241df1c
SHA1a9a320a8d12e14342312ec5787bf96d064742d89
SHA2563e8ef853122f75b2842dbd7deff424cd0d6c2ab125ffe1624f7a182d318b5a3f
SHA512bad13fd7027788b219c5b6147c2e1f6d708e801fc662d3493e212518d6f0bd3df5ad72868fdf17c6db9ffead8bb572ea245c06168bf19c45477c7d2722580a9d