Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21-02-2024 18:40
General
-
Target
2024-02-21_88828dff4476c1118142d9aa99734fd4_mafia.exe
-
Size
443KB
-
MD5
88828dff4476c1118142d9aa99734fd4
-
SHA1
0bfa9f3d4aa2f61177a0d8e35386df5d9190279c
-
SHA256
c711d33923d5797dcda4cbce03b670ddcee6a60cf4d17cc3e389d897fce6555b
-
SHA512
25d882185a9a62e5f0521d8534142b2cffe556b7b7cf4f8ceb50b77c94c210a992ec2004cf863b732b153d0082e23bc2ec34d18d6a8f89c81bc7dcd54deb62f3
-
SSDEEP
12288:Wq4w/ekieZgU6ctm59zYl7j+8sstrPIlMa:Wq4w/ekieH6t59+1BtEP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_88828dff4476c1118142d9aa99734fd4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_88828dff4476c1118142d9aa99734fd4_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5DF8.tmp"C:\Users\Admin\AppData\Local\Temp\5DF8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_88828dff4476c1118142d9aa99734fd4_mafia.exe 91FBB9830F5A39BD1D7E0CF774AFE91DAF26453DFB513DCBDF40C20581304BF5C11751073A8DFD26A6A3C4029CDCA398298A11C1DF7AF4F525B1BE629B1E0E1F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5afa0977cd4429320b330bcc7c09c981d
SHA18b8bbbd05ffae42bb1c7c226e01f19357bdaf863
SHA256c78ed4d8a300ba518cf4227360df1577b14a4ca1321c4a0628cd17b80dae91a1
SHA5124e6dca7c055ecd91fc74a76af24a2711d6166d9008cfb929a27dcda0b1f1b16e075a38cb528ab5369a544765b4505d660ab9d9d9cc82b8d45756ef43b8a09325