Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
19/02/2024, 11:32
General
-
Target
2024-02-19_41779255cc88e680cdd9c4368c48151b_mafia.exe
-
Size
476KB
-
MD5
41779255cc88e680cdd9c4368c48151b
-
SHA1
9460e45e02cfaf549b5d11e89a948c8c032d1dc4
-
SHA256
ea830d56ec7ecefc0cc80facf1800376290c0d58f79abef51c72140e7acb8417
-
SHA512
28c828168777ab466bb8bd1972d92af5f53de301df8794001cfeed57e6a46aac750408c77804b0753f840370e8091b46cc3e19d20e68d4025387f6d52072cf55
-
SSDEEP
12288:aO4rfItL8HRalHPpdybFtyMzEMkqWCqkVn07K9wlsDpVFd:aO4rQtGRaXdmFtyx8WCqcn0+9wlsDpVT
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_41779255cc88e680cdd9c4368c48151b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_41779255cc88e680cdd9c4368c48151b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\619.tmp"C:\Users\Admin\AppData\Local\Temp\619.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_41779255cc88e680cdd9c4368c48151b_mafia.exe EA4F0F03A5AE158B634D94621A1732AFE7C0DACD8308CB6F27F60122FEB42FAD050C5A92C95198C0A551AC7ED9C124A1DC9BAFD62558FED6A3D88D4BA1E5D24B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD57e25aff90cb0107531046678e941c304
SHA1227a74da232c1bc656fa781bebff15e4cf4b1061
SHA256334ca29114062a3865167139f11accd0351a31268fb10838eb80e08133d03434
SHA5124c7865966f24a9fbc6167635a1b0f8ca1a9b617d246ec0102ba1b4e7ce7255946ac627e2ee7f940be5c89498f1bede6275622680fd75dd8da29a523ef4dfbc7d