Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18-02-2024 16:42
General
-
Target
2024-02-18_7657f22218298dd629aa90dc9244cc22_mafia.exe
-
Size
443KB
-
MD5
7657f22218298dd629aa90dc9244cc22
-
SHA1
cb9354923dc34cd2407f0d722393cb1b40c4f89a
-
SHA256
5d55684f1805b56be4b99159eb59f7fbf5d2c924cfb57c560d5b45b1ca7e22d5
-
SHA512
ef781f2515549ce60b840f3394249736990b6cb11857eecaed563c975b30a919be12436501a1b0449d4af6d56a245ae13a2366f4e78fdae123c05ae50d8f39de
-
SSDEEP
12288:Wq4w/ekieZgU6elW9cybu07iUrEJVFlMa:Wq4w/ekieH6tDp7iEEJVFP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-18_7657f22218298dd629aa90dc9244cc22_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-18_7657f22218298dd629aa90dc9244cc22_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\122A.tmp"C:\Users\Admin\AppData\Local\Temp\122A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-18_7657f22218298dd629aa90dc9244cc22_mafia.exe 0A43E27AA974814A000962DD105156EF9726EDFEFB61CA3F3FEACA2D21B8E455E620BEF8B2AB30B9EED1204B8EF8149870EBB7190193201BB676329B44CA57ED2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5cb6f28cb11ab69493fb669116fb0c9d4
SHA19e956f223dddf7613deb933250d6d5c6b7f2d90d
SHA256d9d1ab173b4b3d7dbb44ef61d6ea5d8898b9db7ed8f21b0ad9b0e66ae74f0bdc
SHA5128535efade49046bede1873013bb45dce7719e34abddbf7c8bb009dea846416789b04ee7df8d266ca3454f5b0a128263683a327e4f648b98f74d63738ddf940f0