Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19-02-2024 23:30
General
-
Target
2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe
-
Size
443KB
-
MD5
65f287aa6a2434bb120a0ad2b1c842f8
-
SHA1
65d9c0fbab829d3f1019e82f40301f138ef90e17
-
SHA256
ec6bf9cabc0a0079e57b0b6e68a0414425f463de58bc45d1640f237c6fb7c587
-
SHA512
8eed7bf94b52b5988c517bcab6c6fded0a391b0ab266bae8950bb5a64ccf373737a3f857cd47ffbe2a968e815fe46d4183db35ba18ca8961b5e05a71a7e9daef
-
SSDEEP
12288:Wq4w/ekieZgU620b8FyDiCzxXo4rhLydjwlMa:Wq4w/ekieH6B8FyOChPhOdMP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\952E.tmp"C:\Users\Admin\AppData\Local\Temp\952E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe CC48B594AD73087458E7B0B3F0DABFF52E68B8EB8B388C77FBE63D38354CD763F6EBA1A1F9ED6079B23C004EA484946CD673E49985B4E518CCF1C694FEC04A1D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD50d431da586ce520390a983592486b86d
SHA1437e85a8858adb7974e0c48d753c416a79bc3a78
SHA256bfd648526ad480356d0fca8dd84c6f81f05f5eca8a169e5cec74ddfd6a8062db
SHA512dceb15bf41207cef7539229026df05230c6f214671bae7a79711c853a16263eed5a0305e61da82b0ef59bb9ee5f74256824ffb41f0b0df6a6e648dd1e5611300