Analysis
-
max time kernel
122s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19/02/2024, 16:39
General
-
Target
2024-02-19_8312962f2f0aaed3f059c08d3aefdb46_mafia.exe
-
Size
433KB
-
MD5
8312962f2f0aaed3f059c08d3aefdb46
-
SHA1
0bc34ddaad0f460c9145996e28c9616a7342b599
-
SHA256
345c67f1aa69a8be4fdf6f37aadef290be7aaf9b643bf29a0d55ffd78e0c5aec
-
SHA512
f21f81f26cfee959ca54fd67e5c37075d28dcb8f4a6079ab39c2d6aa1feee56d66a511b88b164b63d4196ac1e27ec387faad2a3dbbe6c5f42284c96ed5c218a2
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvF3ZTKTyP1C34GsFfcX6e/Dmml2J5yn:Ci4g+yU+0pAiv+cTs1CgfSSu2Hyn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_8312962f2f0aaed3f059c08d3aefdb46_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_8312962f2f0aaed3f059c08d3aefdb46_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6558.tmp"C:\Users\Admin\AppData\Local\Temp\6558.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_8312962f2f0aaed3f059c08d3aefdb46_mafia.exe A883F9E393916FC5970594EDBEF696D5B4E9CB5C223939322892E8F159F0904F3FD3E752196F13F502C5B9CEA718755B1983A3986A7000618A40ABB54B91BA6E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD545dbd9584ccd3a616c0821fef78a5acb
SHA16cf7e928654f79f1fbc3c0a8e464dc5e58cfb1a6
SHA256fab378690e5f5cb22028c6e541e9981eb6450a85e6734cca9a75661a9bb401cb
SHA512727784abffedf6de47d949f9bba38e6c77810712a31bb1ee9c31d9bbe5281c3255702ccfd14e95d08f54b20b629568d9bde17364b5264ef40f607cabc8edb049