Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
17-02-2024 12:52
General
-
Target
2024-02-17_ae03f5602ff9d3998943d58f298ceb88_mafia.exe
-
Size
468KB
-
MD5
ae03f5602ff9d3998943d58f298ceb88
-
SHA1
696bc82315da30591dba029a1f0f6ddc8757d40e
-
SHA256
d269e012e8f55496deb7cd3668f0ae572a89bc74bf118b0cef40a1728824d440
-
SHA512
e66d314f92767db0458168bcc50ab3b8a5c47c006149ffac376d0199060af0711843754d88af01be506d67311e54a6807e33636ea8996cc9cc3f5a67c950c768
-
SSDEEP
12288:qO4rfItL8HGtFJOugu1P1wjgI4U/zxpupzICB7bWmeEVGL:qO4rQtGG/42xR7UNpuewumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_ae03f5602ff9d3998943d58f298ceb88_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_ae03f5602ff9d3998943d58f298ceb88_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3C64.tmp"C:\Users\Admin\AppData\Local\Temp\3C64.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_ae03f5602ff9d3998943d58f298ceb88_mafia.exe EA451C9388CC595B5C37697D36D32F86EB4BEFBDE08CB196F1ED3848D1430FC0F3312DA6FFB60235D1B42704DA393492F4FADC7FE69138591529747A012622E72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD52d3b312686c12dc32bd8d94931f88877
SHA19d0b7c808a529541b8f182976d5a36842475e99d
SHA2563b03e85dcf16ab7d4a8502afe1f82dea9d55a494b2bafd1db151cb810dfe7692
SHA5126c4348c1ec76c73615975971a6c33eec11bf2bdfc30661d9766768016725133afd35824b1301ecb510cba152ddf2b2a4764db5b2f33ebe4d6ace7510a0772f18