Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
17/02/2024, 05:43
General
-
Target
2024-02-17_a07c7a912f18a2317826a90e720d2531_mafia.exe
-
Size
435KB
-
MD5
a07c7a912f18a2317826a90e720d2531
-
SHA1
5ad649a2acea08f14a098ffe22bae48972444f1a
-
SHA256
1dcfb0ac3841504d4a185d406b72b89bb72762e92cb67e22869c1851793b7b8e
-
SHA512
4546de22d154ee931c990faa5c844df56422c62761775567e9eb7fa0a1d12c25a67a81b31e281deaea1fa2e90fc3ca514abfe50cfe7c62b65b2a9c1339651c21
-
SSDEEP
6144:98Xyq4o4aRCTuuqepiq+zQ1mBYPkFWLTD/DALLIdT33LtfiRNJK:9W4ufepiqKQ1m9FWLTDc+rtfUNJ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_a07c7a912f18a2317826a90e720d2531_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_a07c7a912f18a2317826a90e720d2531_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4338.tmp"C:\Users\Admin\AppData\Local\Temp\4338.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_a07c7a912f18a2317826a90e720d2531_mafia.exe C8C0957508B9063FE538C4B3F690C97E08F2CAC55222A022F1C147C91F27F32C8120698D6FD1F2A5FA7C5514A9560F81EB1B3E1515D282732ED290DCEA3DCBA52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5ed1a0aa22b4d09450c22fa3188a0ec67
SHA12517a3183fb87a1d097f41cd65b15ea24a8e1d27
SHA2566eb5a76edd8f7462bdc0707017acd8f416d6d3ac0af1559caaf026edef5f8adf
SHA5127ba79e2980627d6ff19d377e9a91fe7c762baa5c38784f62a4d2a49f0828a4d87f2853c3932042164e6fdc3f8048c397618df6bc8b91dcb9460d839a7453bb84