Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
14-02-2024 15:58
General
-
Target
2024-02-14_c7f7da34e0eecddf9b951095f3d416b5_mafia.exe
-
Size
468KB
-
MD5
c7f7da34e0eecddf9b951095f3d416b5
-
SHA1
d521c3b41aad542b1cc91066f01c2b6404e08dee
-
SHA256
3ebee542a9b635f4f9139c01e3d460ac2bf9597384bf9c67b6e8f9d96a601425
-
SHA512
f933114adb61030b685a0f85bf9c168557af663bf3905e6f51d1e145fe0034b4c7943f2781386ded43b1784fb60d4afe44674402432522b0327f5ccc955b4d14
-
SSDEEP
12288:qO4rfItL8HG3YKCffE8djHq33I7bWmeEVGL:qO4rQtGG0fjq33IumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_c7f7da34e0eecddf9b951095f3d416b5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_c7f7da34e0eecddf9b951095f3d416b5_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\68E1.tmp"C:\Users\Admin\AppData\Local\Temp\68E1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-14_c7f7da34e0eecddf9b951095f3d416b5_mafia.exe 49A90FB8032C4C4BD16065C7F026F05A19193C78A22289C8DFE3F9DDAC55231402442EEE0152F6E143360BE5EFC013653502B2BD587552B5ADCB808914C9874B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5c97989ee002d67aa7d7b0822098a9591
SHA14fba6a231aba1ef816fd45848428c0865eae2f2c
SHA256bdb2c0b095cfd1feb4b4ba4256c426bbe7806b66dff258f89d2fbc30e539bb98
SHA51228cf23eb68ed6d1ce955c9d136a4d09400b570c840a771d226a70b56da88084d84c98966a574f897fb8226696b2dddf7624e2df2cdcf2be8163ba8ce65d121d2