Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
21/02/2024, 16:57
General
-
Target
2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe
-
Size
476KB
-
MD5
a79e3d24436e096d121b146be9eca830
-
SHA1
cdcc938264baf8f911dd6dc999ed85bed3447e13
-
SHA256
c85a15dd24286e95b2beac513ca54ea0fd3554f49a1752d04737e33f6b64b13c
-
SHA512
7aee4be60bc232c1bf769d3a59029a9d9c35b17c2cb80c96236e6fa5f39ab9ba27ecde25b3155e77ef0e0bdf7dfb2eee371548ac3f5ee01ff8777fd2b59d4266
-
SSDEEP
12288:aO4rfItL8HRn+RGzhqZB/nqm2lCVdLcODwxQ7K9wlsDpVFd:aO4rQtGR7hqjvqfsLcOs6+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3CA3.tmp"C:\Users\Admin\AppData\Local\Temp\3CA3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe 7CA1A8E679031D2F8F329632E13E80EF283F0CBF138AD2E3F41A35D5B307367BFB594BD4B73A23EF6A74F26763A85791BF47AD5A1A66CB73E68D2CE54E3B37CB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5d5636170f2deea46c8df0a51c4a113ce
SHA11fa0abf45a608b8687a294924054836623800d45
SHA2563f4b4ca92b01468719876ffd729c6f71c5d0a421b17e54e55ef79b5c05fc1d01
SHA512ce8b2d459749084aab385e9eb230aae91c065dc8b6e34b108041ec301f6cb9cbbbeeedab74f984534722a0e397f4656eb59deb2a222110543f6df644b65521be