Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13-02-2024 18:34
General
-
Target
2024-02-13_6dc4909aa9646826cb62dadeb444951b_mafia.exe
-
Size
433KB
-
MD5
6dc4909aa9646826cb62dadeb444951b
-
SHA1
d70f4bc9399f18b53f798d31092cca795d580e2a
-
SHA256
c96cdfb88433b2595cfcbee526bc7af7d7840f2449dd3e7ff2065eeaacaeb057
-
SHA512
77030db755b37d3adf0102f5eb816768257796580e6b29b0f6dfba49df7a50e03aa10f54660bcf5d1814ac2df7a01cde7aef69029fb1a576618711b60f789baa
-
SSDEEP
12288:Ci4g+yU+0pAiv+5fUnpa0l+mPUiM5GAXbFYdYamn:Ci4gXn0pD+5wpzljs5GArSdhm
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_6dc4909aa9646826cb62dadeb444951b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_6dc4909aa9646826cb62dadeb444951b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\532F.tmp"C:\Users\Admin\AppData\Local\Temp\532F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_6dc4909aa9646826cb62dadeb444951b_mafia.exe 4F3935134C758A7FFFC4FACFBE93CDF919547A108DE3CAEF76DFBE8D4BEC73F15A62F369E4C36EDE4E52D67ACB23460C490A891F3618F080201A3D4351FAF5312⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD586351d3fe8feb294dbe2ce3f8d3f961d
SHA13f3ab31b857240b8ab766bae56d9bf1e23f9c4b3
SHA2567e3d2b99b1c8196df9e81dcadae505cd819c35cc8b811db250bfa40730e55f3e
SHA5126e39c39924d9f02953a49752dc09d854665529f054584cf2ec6148eed5ad7d4c982e0f00318841d18c5e2576598d4d2076c230547daaad85bfe95eccab75b1dd