Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22-02-2024 20:32
General
-
Target
2024-02-22_4e3a04490c6469bee03951f91ae12cb2_mafia.exe
-
Size
476KB
-
MD5
4e3a04490c6469bee03951f91ae12cb2
-
SHA1
6171d3881c390f323651520ec1cd219060520db5
-
SHA256
2eb3dc696b480e4e59ff2bd75b943bf1f9c9f1937cbe26c5947d7ef110bc87fb
-
SHA512
62e561ec3cc4d4d8c61254cf25fa159b54134ad6f20f12685ba47b37b81d28ab868b23d07d2c0a9e75607174784895d80f9b93ba84628287e385221763134024
-
SSDEEP
12288:aO4rfItL8HRDAR2S7SdkK9XVcpL7K9wlsDpVFd:aO4rQtGRsk4X+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_4e3a04490c6469bee03951f91ae12cb2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_4e3a04490c6469bee03951f91ae12cb2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1DEC.tmp"C:\Users\Admin\AppData\Local\Temp\1DEC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_4e3a04490c6469bee03951f91ae12cb2_mafia.exe 2F411CBFE768A03558D32CA32DA5A4C45C5EC4962EBC91E268F73654F77C850D1C38072DEDBCBC53599BDF9685EE0DA3832C2D5D56BED070D6C08DBA901C1B6F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD52786ee201f0a1bd0a14a1fc0f9ec633a
SHA1dbc5e52c9453e759c347cfed1c64a3135218525a
SHA2567c38c54c8a7470822dc39a772292454122772d14f64c81d0a5a1223d565148e8
SHA512e30dc2c86c3bc89fc2e5604b65c84482157c1676574811ef7ad05f8817ad322301687298d5ef922da42773f5260a4b0612a9763b427bf6ad92d0cd0f935085a4