Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22/02/2024, 23:31
General
-
Target
2024-02-22_95bb6d398dbd506d3ed55b85862f637a_mafia.exe
-
Size
473KB
-
MD5
95bb6d398dbd506d3ed55b85862f637a
-
SHA1
d16905e2e1c3d9bb2ab835fc82d0455ea1b61f2b
-
SHA256
a1ca2fa640f355e0c34174dbd68ebbd3813e20d30118d49bd2fb4b896746d1bf
-
SHA512
1c8819bfd9c388b1f606a1fcabeb5851e0378c982c38a12e1b980783771e5b6c33962a2f18cea5912a573583722279ca77a5ef7ca0189c7dcd22f7dbc82da677
-
SSDEEP
12288:Nb4bZudi79L8LwhHFuFeZEduqHtkAbkA0a:Nb4bcdkLyw14b9H1v
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_95bb6d398dbd506d3ed55b85862f637a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_95bb6d398dbd506d3ed55b85862f637a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3997.tmp"C:\Users\Admin\AppData\Local\Temp\3997.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_95bb6d398dbd506d3ed55b85862f637a_mafia.exe 77C3F9AEA1ECECFB0CA36D2E90DEE1813FEEF00CECA8307427CC307B1454D85977D15D3407DCCC9F526DDEBF2E6AD963744C9A48514A6734C9B386C52D3F67BA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5b6e8d448badaf085646a29a4197cf9aa
SHA12df1add0f98168dd8ef2d85fce9f961d2b1a2085
SHA256420f9dc22d6799ae63751264df3b7b3697c1da99cc3b383f028f1a7ddc8043b5
SHA512101946cdf055b6c48a67ffd10d3741a341a69635b4aad046f9ad90427251f62e4779a37b531330a5562531d013a41ed88ab490fa9551a81dd06389bf14fafc51