Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19-02-2024 08:56
General
-
Target
2024-02-19_db2dfdb8a362e30b8e480afb956acf01_mafia.exe
-
Size
473KB
-
MD5
db2dfdb8a362e30b8e480afb956acf01
-
SHA1
afc04bd640dcbef0de30abb539f48e7c63e1565b
-
SHA256
e0b40628744de922ad043e7f5d720a719a1b43e81e6110da9e79ad28f38b0593
-
SHA512
e90bfccccfa2c6d141188ec8f89f01827752d599125cf4714e37b61f7daad6bd00d17799055edc670dfb19081b9c2f570d2545b1ba08134461864b86b6b0929c
-
SSDEEP
12288:Nb4bZudi79L7++UoZ3qMwipzwQwGyNveMQA0a:Nb4bcdkL7Bv37xpz2eMD
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_db2dfdb8a362e30b8e480afb956acf01_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_db2dfdb8a362e30b8e480afb956acf01_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\847B.tmp"C:\Users\Admin\AppData\Local\Temp\847B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_db2dfdb8a362e30b8e480afb956acf01_mafia.exe 77D7EA490946E8FEDD09E10017A3EE888D109753996D881366DC50A6F71F70179A10CE28325C3C5DC6B49F36C1266D5D3834600203DF0C3567ED87BEFE501C9D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD55a392ab8bc9082b923b5676ce4fd798c
SHA15a93c1e1a3cc47ef6ae9ca2e67f5e74f5d4e0adc
SHA2560a2cbba1d6e81579c7ffa6c593d9e58e30812c27f059260b32aea752169d218d
SHA512a4ac942b3b4035382b882251b8575d557d24c3b8c6dbc833505e9596ef0325f0781b5ea2a51706d2828e50aa33d33d4cb23566f4bbb31f7350f465df5ba515c6