Analysis
-
max time kernel
120s -
max time network
133s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 19:27
General
-
Target
2024-02-12_f5dcbbc491f90d9519f3f1dc72bf65c0_mafia.exe
-
Size
444KB
-
MD5
f5dcbbc491f90d9519f3f1dc72bf65c0
-
SHA1
d5990ec0c14719975d510ad4e705f4ab5984ddb8
-
SHA256
a6b1857908f9308f9b0008fab73a7dd6d9e9707230d6eb97fe3c4b2288241908
-
SHA512
8b38ce2ce3037d129c6a47b4c01d95c9b9129b521ff6a3afa0945653b48d175a81a75cfa9679e2b25b55328c632b2001e4478955e1cee9b45efb258cdd72185e
-
SSDEEP
12288:Nb4bZudi79LhgTJ+vst7uBoQxfHsH5QA:Nb4bcdkLhuJ+vstKBo8fHi
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_f5dcbbc491f90d9519f3f1dc72bf65c0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_f5dcbbc491f90d9519f3f1dc72bf65c0_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6A19.tmp"C:\Users\Admin\AppData\Local\Temp\6A19.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_f5dcbbc491f90d9519f3f1dc72bf65c0_mafia.exe ED270364891A21AF9CD20F28F2A4B698B02FDDDDBC0D49F2376F8A7267038794FDF2E7F8AA336A40A768A1DA1217EA1FBC782F05903C5BD335F4A66C3C6AD09F2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5c3aaff431dae223d73c84c5219d1f3de
SHA1ba02a457d681b0f16b16c5f160e25f806e7e4108
SHA256a5f45b2037a62fc099797242103d85a3e5dc6d89390c93d8094763685b19fc67
SHA5127c3e78a45e8f3cbeb5e238339011f8ba30cae2d8e600e865f5205405ae897492d7caa6d957f3cd6d1312762b4fa748f07b2db988371d04feb83c1c22f535552a