Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 17:51
General
-
Target
2024-02-12_d59ea4121ad9ec0c1c81f5ec74a26b91_mafia.exe
-
Size
479KB
-
MD5
d59ea4121ad9ec0c1c81f5ec74a26b91
-
SHA1
799d934e9ac4248c12654950e2ecbee697d6d6b0
-
SHA256
0c5ab1de4e0d41f19c161e5d3644033984d972c428bd42e70aced26f28076a0d
-
SHA512
9cf7fae830ec66952362281952d402529b37e78ac95fc2f57c977c040bc873db40cec59cf5bb90a1fcd88d7018970d9e979b0ccf34f680601706a04a041b7799
-
SSDEEP
12288:bO4rfItL8HAo2xcbh8mv8D+uU+fdF8OpmgF75UO:bO4rQtGATxct8mVL+fdaMVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_d59ea4121ad9ec0c1c81f5ec74a26b91_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_d59ea4121ad9ec0c1c81f5ec74a26b91_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\872A.tmp"C:\Users\Admin\AppData\Local\Temp\872A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_d59ea4121ad9ec0c1c81f5ec74a26b91_mafia.exe 6BC00325FA92960DC79308E81B287B7748DB13F5F125BB094F516727B2FF669AB6B4A108803B340A9F2D128A57C61343BCC779DB474D33C5400A80C26F4FB1E82⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD554a60e52032200fc3e1cbaf97b750a9d
SHA15645a0c72f0904b0f574700b199de422db16c1bd
SHA25660906201df2e446b82c90b832937aff6ba1dc9571b344a6a68b53554a25a8118
SHA5127211f0f0f11fdd6872a1f918d62fa0161e8063a219ae3057df08e30b33af3534ad9777c29ca5a17660c538ed6d2cd6e1d000a62fdafeb691bc5ffa41338b6439