Analysis
-
max time kernel
122s -
max time network
130s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
21-02-2024 14:06
General
-
Target
2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe
-
Size
444KB
-
MD5
c61e0122efcd8adb6b11c1d7632e929c
-
SHA1
ed03e8985e847b108d946fce72201661df69e746
-
SHA256
5208ce1a8bcfffd25043253e8c86fa7671662379a4b524159205e9d0f92fdf64
-
SHA512
978269fa80c6afa61242d02ae76cd3746510a522f8472476185c2c124871953f79355c71d4ab746a43a3ee483363a4e69f38df338a26752982eb74cf923c1d82
-
SSDEEP
12288:Nb4bZudi79L7ptpS9AFLkiglgBLDRnBwvrqAeZA:Nb4bcdkL7TMkwiieNBwv
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\624C.tmp"C:\Users\Admin\AppData\Local\Temp\624C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe DDA54795BF422FC8BA23597461644EBB41FF245176D92B8442EDEA3E30AF90972227280436C837A91A3A960755EF0DD778CE32185B89616845C5007F9C816C202⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5d25e42b68290b668ac25586511ed9084
SHA1417abbd44791117e10b705cd70e6caa4579e0a4c
SHA2563cec0f733aeabd9a5c6d515f706ef1029dd8908906b8def27d17d82f3927286e
SHA51241484ff4da1941eb99b6d7fde340162a1625268071b41dbfe0f789088d942dfa8d30a134b852fd1b0cd3a7c92587097a60eae8fb8907cb2686b272cd1cf3838f