Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
14/02/2024, 14:40
General
-
Target
2024-02-14_728af49b69c56d8dc73229c799855fba_mafia.exe
-
Size
444KB
-
MD5
728af49b69c56d8dc73229c799855fba
-
SHA1
60927c76873b5aaf175ff1a9fb029bdd46880560
-
SHA256
6550a77cfa2df42c8281a04fa3920ba6ff18bfad1195c5cf67e1c47434da635c
-
SHA512
59d6974bbc50067b62326bb2ca594a60683e87231a23fbd9019d34c9476d719214125539a5f13671b412dc4e025634714ed4978389176ab95be014faa640018e
-
SSDEEP
12288:Nb4bZudi79LPJR7No79FXa8pmsTrTXQxNA8FFVGWRA:Nb4bcdkLPJbo79FXa8pmsmNA8F
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_728af49b69c56d8dc73229c799855fba_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_728af49b69c56d8dc73229c799855fba_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\499E.tmp"C:\Users\Admin\AppData\Local\Temp\499E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-14_728af49b69c56d8dc73229c799855fba_mafia.exe BE1B09BFF0E34EC69337C252930B583D226B92B891206CDD4035815908DAAA7B481EDB25043ABC5BEEDD908D68BEF089FF9330531C8ECA210ECC3DAC2F512CB42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD526c567167190210e29f5edd498964f85
SHA1302427d8b015e0d76ac3bd637d73064b95e688b4
SHA25641616484399b4e7d8a255d7cd2cc2806cb7e640590f0818a3543cb9eb3b533dd
SHA512f67fc0bfeb7f9faffd29acda47b3f3b19e0d8ad149c44c7ca7a69851bba9ef57dd35e73ce71c86c21f6e8b699b3b4ca2dfc4f05e6ba5afdab519b562f737db4f