Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21-02-2024 17:00
General
-
Target
2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe
-
Size
479KB
-
MD5
b65b90adbb8f9f4e60c6794a2827a7b7
-
SHA1
db95befb70a53fb62a18b44e171906a82c005b72
-
SHA256
05be3d9d299ca2da3f3ec3544ca535212dab5359360a229d4b294d22c1c0073b
-
SHA512
1c7ccfc9063514c171f636618bd00c194fac5d7d531a753d56da4196d6110273a29f3dccdf9f15e3fe3e15f4cdc47ac4ec0286c2d36e451b90c3e1eb509d5dd4
-
SSDEEP
12288:bO4rfItL8HAHNJWpNjCVpxL5kQYbveIIAhynoAZe+75UO:bO4rQtGAtJWpNgnJSveIJgTVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9CAD.tmp"C:\Users\Admin\AppData\Local\Temp\9CAD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe 766B204E0C0C568D2B7441B6960B73E662526EB51186DD9CA3604F1BE67951B667CB6719E09DAB389DD4CC4F7EFC31B744CC2C4B13A71EA553C0228AAF99529A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5cab1c076042d022b6303bb5e482c9285
SHA1911a06302a13ab170f196d0eec7b636e0c1e8916
SHA256ba8011f394054a76cce5dda0a47a5c9637f3d2dcd30e00b291b49de83116ad27
SHA512285813d3d58bc46770a0efd763f20788c9dd853c76dfed3f3ad566b04e5db1f05702b061f92aec3c420a239e001d1059c2ff1f3579ce8cd517aa458f84e378f3