Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
22/02/2024, 05:15
General
-
Target
2024-02-22_91379658585b327886814131aefda9e8_mafia.exe
-
Size
479KB
-
MD5
91379658585b327886814131aefda9e8
-
SHA1
b0409e729e3a71dddd88ceef7338e955446be31c
-
SHA256
1ab414e43f3a1bb3c0bdc1bd6308dcbe2b57a0731e5ed55708d248c55de43e40
-
SHA512
5489e7ae1bfa65808fd2765bcd4fd4937e91a6f87b22eb1f64c02ce1d6d4a2c6364e390a8d9158c3c2c913e404dddcf301c5e0c7ead35feb8c38cc3994dfede4
-
SSDEEP
12288:bO4rfItL8HA/Fwo20q2KpfsD5bxkakjzqj7Pi+7UW75UO:bO4rQtGAdy0YpkD5yakjR+7UWVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_91379658585b327886814131aefda9e8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_91379658585b327886814131aefda9e8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\19A8.tmp"C:\Users\Admin\AppData\Local\Temp\19A8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_91379658585b327886814131aefda9e8_mafia.exe 623A58E22CCFEC552CA50EFE11856B959B9C96292BEE369C6C9325910B6E2F1CCE719BB3B5A20B897D9BB2A849BA2456C9342BECF134E713596A1A8A5FB5F7BE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5e0d3c6aae55575f78a22f269fab1d2b4
SHA11d01d474991a56ec97d81f8bd3bad9bfd4d71f02
SHA25619b47dff8a23ebbd218336d1136d954ef4205ca387f147a44f6cda478b8cd3a7
SHA5127bbbbdc3cb376bdda46c3471e1857b234f280f4b19e36891c831304c88aa9ba38202f7be512c1844e98e433075475d7398da22f1628247393a52784248c3a055