Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21-02-2024 19:52
General
-
Target
2024-02-21_a8e66f2032c18b964c05fe28af01dd6e_mafia.exe
-
Size
486KB
-
MD5
a8e66f2032c18b964c05fe28af01dd6e
-
SHA1
f5697be6db26acfdf25bb1db723b7ad482cd60d0
-
SHA256
66778601af1fdc9eb81d6f5b9d6a120db196a1714fec5a6d85a72d5c46b85c23
-
SHA512
87a2f0002fd856f48e7e23867ddde385775b5e3ccab5fdb6a136348006aaae0ea6ede9024aa52c0ec21dd840dd56eb786fa852514e3475045210b9b6ab66e04d
-
SSDEEP
12288:3O4rfItL8HPInKaqDXQT6jbUZLpV4/KcTHFOG97rKxUYXhW:3O4rQtGPHjBjbU1L8TH73KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_a8e66f2032c18b964c05fe28af01dd6e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_a8e66f2032c18b964c05fe28af01dd6e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4412.tmp"C:\Users\Admin\AppData\Local\Temp\4412.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_a8e66f2032c18b964c05fe28af01dd6e_mafia.exe A8569FE10C6793FD9FE7DB8F92643AEC5A1A19983CE24EFED8C37BE392FE026A4C8DBA733E343BE1F030292247990038C6BA341EB5A07E606B99C4C6E23CBC7E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD53d0fbf19088c789d6b37322093e12ec5
SHA15376d425bcf383f9951eca1160a26bdfff20e712
SHA256670f7fecab8ee825473a2d684d83c942f89669354dd23dd8b9e2732d695b5ae3
SHA512c6edfccc2f77d2809c15d85fde50cd713d6601a5b8f77727661c742eb128bcb31bff198b937d81a38c1de2e6217afe6f1ed17d6ab8b42c9de88defead7933bb9