Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
20-02-2024 06:57
General
-
Target
2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe
-
Size
435KB
-
MD5
cdc21c326b58655017b8abc68165bd53
-
SHA1
d94fb522229e31489033ec43e9f835ff9d106945
-
SHA256
ab66c99cb322b44ab8463d97cbb9e3610bffb9e4a79de5eb22904c99b1de135d
-
SHA512
8ad8f97db8f58bf7a32f9188326ef93478ddc93480cd256d246359777433bf510558e14e150fa86922f0b130c674bc9d8fbff00fe6439afcb2fbb4be9787174e
-
SSDEEP
6144:fJvyW4ojUnQjx4qePix+qXQjBYmnjaMVUvpJlP/o8nq9rCDoCH/x/3vw9J:fd4x+ePixnXQjt1WvzlQrf0J/fwP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1B4E.tmp"C:\Users\Admin\AppData\Local\Temp\1B4E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe EE6554C5DD9184108F89AB2ADDC5644D3557E8320154684777BE7B8E4B3A30A9D473496DB0CF4545207C0D2E8FE7AED9E77B31E09E89DAA7FAAC18DA83BBA7932⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD59e3cf6f1620fd9a1a2387a3b29597c5f
SHA1928d18cd7710c0d81f3422a25c26cbde832169a4
SHA2568754945ad0036c8535d3c57dfba9d53c709b7806c9241636e71483ad2b617965
SHA51246bcfc7eb4d45996d54080aa6dde15f07693dbbe97bbee4f510363eda531c403cf4224d2e7f174d872d39a40eae4ada9526e52584f7041146c427724fef51432