Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
14-02-2024 13:55
General
-
Target
2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe
-
Size
486KB
-
MD5
be15984c68a57bc401f334579b0b55e5
-
SHA1
c082e419eb859b3082e07aaa11d6d39132f54bd5
-
SHA256
09d5b1ebe250f5a972b8bc46e7c1dba833b2652750b19c57c38eac06b8c973c2
-
SHA512
f80b796a0d4c58306aead4fafd0a71dae4b7f09469df910d0be53240b9c3e3e85484ab8a761b57cae7c84af89d66bc3f1ccd7d7009d83aabbdb7b4a455ee2e81
-
SSDEEP
12288:3O4rfItL8HP9nDGASIGCBVnDzHT9ShL7rKxUYXhW:3O4rQtGP1yA0CBxHHIx3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3A52.tmp"C:\Users\Admin\AppData\Local\Temp\3A52.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe A8D18DBF7996749AC19EDD1CBE6F06960826BB21CB372676F027B5B92677EFB6EDA60FC8B50E7B24C45356CFDC8758453461939CE4E198395CC0675F72A0FA222⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD537924f7e6815b03d754e41d0c5030871
SHA1e2b84366fa87136eb31781c8bc533f8d1d2abefc
SHA256b2f6b6c25dd788c67b16d15144fc1c0beaef9904db1d8f57f76c519b470c467c
SHA512f5bd4ae43f0bff98ac83037df482b277c68e0d5b4bf4c25d07e72c4133bb6b69d847b79e711073ca36a6d0e58fdfcc62fac39d65a2b38bf8c5de69a3aa10dbf4