Analysis
-
max time kernel
119s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13-02-2024 05:52
General
-
Target
2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe
-
Size
433KB
-
MD5
76f33c208d7526f69feff36e5e873b8b
-
SHA1
380c9389bf19b39f777aa8061fd5036a5dd53202
-
SHA256
74b19f977bd64fec765027d47f093e476e187a0e256cec45d83612bb94e08c30
-
SHA512
d12779262bcc38902cb38ae93ddb99556d5bed43871b77f306791521aade58a22ec2ad33a88a46cf4420e58f7352d7b78c2e9e7116a2b8efa3ca841648eb9012
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvuPO4f02ofZLLbJUPandpsQ9vw0UYUowdR9C:Ci4g+yU+0pAiv+8PO4f0nZJU/QnonOn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6651.tmp"C:\Users\Admin\AppData\Local\Temp\6651.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe 0969D2DC91495D9CFBCC91EA46B9663205DE02835D1D45096070F87A2405239EE47F444B6F49D99E6B744229934E31B8AB464C81EBF80058EAE30681096710842⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5ee9e7f6c44a6a3bedbffef952d5dffb2
SHA1316b816052c1749658fca7ca94481d3060f67554
SHA2562708b9880bfb5799fff7c9c81a2937d6b7bf6522362ca2290794821487694bde
SHA512b076c6bdf567d691f9ffe074a4a52eab3769d1a810350e6bb37de59fb9e932362bbc8ce617fedd1e855978775e310b65ea9529ab9b377d6b5c9a9b49761fc821