Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 20:23
General
-
Target
2024-02-12_d602c0a5b9f638ce7660be7f803d0a52_mafia.exe
-
Size
479KB
-
MD5
d602c0a5b9f638ce7660be7f803d0a52
-
SHA1
0e5df5695bb5191f9382b6376f87dc12fe89e4e8
-
SHA256
0649ed5fb769dfde81d59a631a56ce55f996db737ca08219a43bb61b68478612
-
SHA512
89584ac5e19b31de9a6da82cf4fde02ea49c05dad9f5a64483a7ebe3ec1e48796a29b16b7cc80e51d4671f905adb2389581ceeb67b3c39a839b5cc369948154d
-
SSDEEP
12288:bO4rfItL8HA4u8CG36QIn9msMd7kPfYh0S75UO:bO4rQtGAD8CG36zp9AxVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_d602c0a5b9f638ce7660be7f803d0a52_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_d602c0a5b9f638ce7660be7f803d0a52_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\196A.tmp"C:\Users\Admin\AppData\Local\Temp\196A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_d602c0a5b9f638ce7660be7f803d0a52_mafia.exe FC49952E43C1E713BE3E405C1D72E8BEEEC96D97345878C3B541519A07C42F661C179701C86030170506476B4B6A2619D5BCF03BF4857D00C667F01DAEA269C02⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5a7e0652836ec396474eb3e8604bb73b5
SHA1b064e00d0c04f628366a69690b63f6c0723fb378
SHA256b334909128ad1bd17ced44b6369729926000328ce4c2fa8ba5cc11dd20d98ec4
SHA512872b09950433abfc2c8bf5cdde6438c579a9302d055a71f43fc9d885e27fa851dd08250c1326548fab4727129b48f6d2b4200ea2221d918cc60a3e712b61bc29