Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22-02-2024 10:33
General
-
Target
2024-02-22_50a3d833ed48f4ab3a5ef71189173b6a_mafia.exe
-
Size
433KB
-
MD5
50a3d833ed48f4ab3a5ef71189173b6a
-
SHA1
5b79da2eb9ceff8d3ddc6aec774a619c26703b7e
-
SHA256
9f2b88bcd6de9f67381ecbdcb77355c36e2253e6e50e850db8fd8af2fac49c8d
-
SHA512
8f525da1e5f495506c625768269c0422f966047bda7b8e004b6be22ee8e49ceb5d54197aba759d9c24fd6ffc3dfd2e703655d58c4a37e211b61ed7660406911d
-
SSDEEP
12288:Ci4g+yU+0pAiv+cc2uPDmdcwjTjYzcSZ2n:Ci4gXn0pD+JdKDEoSo
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_50a3d833ed48f4ab3a5ef71189173b6a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_50a3d833ed48f4ab3a5ef71189173b6a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6789.tmp"C:\Users\Admin\AppData\Local\Temp\6789.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_50a3d833ed48f4ab3a5ef71189173b6a_mafia.exe 7641C719023DBA332EA4B14E9FB1182637D8B66A1BB141F1F159DCB7F9146AF77A34DC4D2AC8545611F9019AF505CCECEA97BE895A81699A7A209542979A21A72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD54efa39af9186932d3c95d63f99d403e3
SHA117ae5143308b7c8cc9bd623b10f323ef54c8c921
SHA2563abade8fcd96c21562c3bae4800a9f4d3a3227ca45af9f1c761e46728b5c0aae
SHA512ee44bc7ac5c9a8794f79882d91a0fbaa356518d917b73cd47c79b2f3f9cbcc3ee462e0513c6bd64d0fce0eef97c2f8f3f7172903ac767d669ad1836e30139e05