Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13-02-2024 14:56
General
-
Target
2024-02-13_ec31ab682e21055e088e888d6e6a534c_mafia.exe
-
Size
428KB
-
MD5
ec31ab682e21055e088e888d6e6a534c
-
SHA1
9a2a469e142449b6a4f13a6223c519ba8051e500
-
SHA256
8da703bc437f328fff52784fa533b388245beffef275d60cb3cf0052929394a8
-
SHA512
c1d2d9a5dd0b84bfce1feef9466c64854e926dd8f5dcccec264b906d53efb0d05c2419df9eb9afa829b60527466136b342d8c25c12cf8c857ff41a47a048535e
-
SSDEEP
12288:Z594+AcL4tBekiuKzErMVyYYJUh2RjtdsfSKtTPCv0Wcbl:BL4tBekiuVrMVyGh2RI656
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_ec31ab682e21055e088e888d6e6a534c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_ec31ab682e21055e088e888d6e6a534c_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\915.tmp"C:\Users\Admin\AppData\Local\Temp\915.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_ec31ab682e21055e088e888d6e6a534c_mafia.exe 5E4D21D3A2ECBA16E054B5A8616BF498718449A9FBFC42461ABF87A590918103E798DD04BF700A8A32D9C1026603B1F4CD6F0AE092411AB3959B9848E23725622⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD565281be9084915e1b1f345fd5961855c
SHA1bacd3485d31c6a59aadaf76b4749cb6ff952060e
SHA2564a9c782a409c1fb05949cbd8b7c116d47f98bd96a2ba9c4c03d1ad240ce4f145
SHA5128fdb8c145448eaf2acc8912443943604ba88643f85a32914e7c06bc7acd948ca048eb21ab988f47e578fac70c5cfda4da88c9c4a513618bb0873e49ca3448c6f