Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18-02-2024 16:58
General
-
Target
2024-02-18_d9d0e07ead95806034e96171b026eaec_mafia.exe
-
Size
486KB
-
MD5
d9d0e07ead95806034e96171b026eaec
-
SHA1
adbe1e4c2f43879f35a22fe9ad65f590b29f49c5
-
SHA256
41269094f030531f1669d09b316931b30236b73188d8f87c69c15f6d189f7b43
-
SHA512
a7179dea7c591ab1dc6f59d2565e1fbbd1f3b39a85c78bbedef11b935a7dafa10d8ac8e7d8fc2995aaf6246a6653bd3f26f07d91a7f2d1cd85f426472b1a495b
-
SSDEEP
12288:3O4rfItL8HPA8DjsLJi591Ec0Wtkhb7rKxUYXhW:3O4rQtGPAFLJiMWi93KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-18_d9d0e07ead95806034e96171b026eaec_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-18_d9d0e07ead95806034e96171b026eaec_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3E48.tmp"C:\Users\Admin\AppData\Local\Temp\3E48.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-18_d9d0e07ead95806034e96171b026eaec_mafia.exe F341F6C064CB6B86616A4F115528510ADD36C5244E3D9ABDA13B4B477D19AD5EC322CC69997686DDA99FEF379BB47E5F06EC5F130B770786EA045ADF2DC5C70E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD592cec8e0c49837ee2d17a18b3408fc9a
SHA11a030225753a001d0f37e39b96805fc60896bd4d
SHA256f43132ca54f11243a39031595cfdaf3675b10dbbcc52f6a5f992d8b1b09f0082
SHA5125b54576873c07dc7300696ceea6f2805ef904a76a993e6ee931ce15230d955636ded5117f666b54c86463beec059d064f27889a65dcd93b9e9ea240a2e0080a8