Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 17:55
General
-
Target
2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe
-
Size
433KB
-
MD5
ec1c9103d00e35d978e176e46d648501
-
SHA1
45451f52098b7715f5637cad8917b91956c6de50
-
SHA256
4337bec194b778c60a4924e7071984a15e993e3874ab6d6e882e15b383f5e5ab
-
SHA512
01f922dceb7fc51c3897f362484ca04c8b1916d6f6e48fc8aa4239e1066059b2bc073e934688da73ec3c07cb0262e8febbceec5e63f651e9c3ce914fd35967f4
-
SSDEEP
12288:Ci4g+yU+0pAiv+LLeZpJupoolr1BQZ4WL3xbfBTE95Bn:Ci4gXn0pD+LLWWpZlrvQDdfBTE9L
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\74F1.tmp"C:\Users\Admin\AppData\Local\Temp\74F1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe F0F688297076254F6837066ADA36CAC05970BD1EEAFF068F78546E72595C39A66CB081A1E7F17B00581AA6C83BD2928A5143E80836CDFAF39D2A667123DAF9122⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5c71fcce27f3e7956269eee5c69acd269
SHA1003dccbac349b240f4cf9dc0a97df89c4bec7eb9
SHA256d1c4b5f9ed5f51c9f541245e4fc255fa03f6597503df8fdf26c06d1c413bbc0f
SHA512f80377bb6433b4cafc2fb46708225d04f9d04d25f313718d4f8fba0acc0c74720323b899d985bb8f14a3faf2541aebca32fffec56121ad6ca21d1bc9931b717f