Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 17:50
General
-
Target
2024-02-12_cfba430e7c5fb9efa9253d4461c8cf65_mafia.exe
-
Size
414KB
-
MD5
cfba430e7c5fb9efa9253d4461c8cf65
-
SHA1
fee80a75bd40d8fa65c0a37431c0482e002a9eb6
-
SHA256
24592e26c4aab323bc2c8dcdf2c1d9905b1926ecfd4be0395800665306c1687e
-
SHA512
264a3427616cfe3817cebaa7756336adeaa24a640125960d2b5d291f7c9df060879ea2dd70a07a150414aec6c7bf1037011fc09fcff7da856187ef25a791f560
-
SSDEEP
12288:Wq4w/ekieZgU6ZoqwqFSheJsJHGZt/tuZAl:Wq4w/ekieH6HwIIsluy
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_cfba430e7c5fb9efa9253d4461c8cf65_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_cfba430e7c5fb9efa9253d4461c8cf65_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2858.tmp"C:\Users\Admin\AppData\Local\Temp\2858.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_cfba430e7c5fb9efa9253d4461c8cf65_mafia.exe E346E9231ADBA85E50C4BAECA1237FFF018603DA5CAEB8EFE8B6839A614C397CCDFC7F6E4C7BB3682DA2082FD6F9F8D176DD1B1300A39FEFDED9D6B28AD9776A2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD52017961db90524ea278b0bd06c906cbc
SHA189d3ceea800e5cd666eb709f9d291af5f9d35e0b
SHA2568ddd4a9b9dd0def559a74140bebc9bf67c6b70aa38972c7fab04da9c90a23502
SHA5124db0a05b841b0edb661a7d902dcf3f002fd0d10a6b504ce35a3e53462d0b784a7df73b05ac63a7625506309faa809f3e65ff9a42f9bcad233573d9de560d7402