Analysis
-
max time kernel
117s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
23-02-2024 06:30
General
-
Target
2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe
-
Size
479KB
-
MD5
fef5e364ea68def6599547df331822be
-
SHA1
6d6ced82f86910859fbe3301a505e8ded8cc8f8e
-
SHA256
ea2f1e74ddd1f2c847ce7f6cd68701bcc2fae77a7ea68f207e9912df9d4b01d8
-
SHA512
70650e57fd61fe0f46c0e0c1ae03701e5bec51790a514d3547f3bd740ea20418be2da3eb8c56f3a4203a5d73b9d74f60a59ee3fd68bf0b082e409ce20dd66243
-
SSDEEP
12288:bO4rfItL8HA6L7Dk4g7j8wBmIW/rccSyEKHfKQ6jA75UO:bO4rQtGA6Lvk4gHxmI9cSo/6jAVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5F30.tmp"C:\Users\Admin\AppData\Local\Temp\5F30.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe E3A8CCE5B8F29AA8C6F01538BBB784EB81132C7F15EE67B4823860B60BF0C65A5591F00D575AE8F4EEF62DE86666FBDD795092FA996E8067D482D95767FA811C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD50299410128bfa5c58f1e80234fa48434
SHA140d73dc2c32b141f7507d822debd710d9ed43ce7
SHA25644a0b1c01275308f401ce04cac66122176b3f0c050eb910e2fbbdec491c6c277
SHA5128cc1cf877bc99460e090a0f1fc09377c1d9dad05d040656e5e4f14042cb410338bf697979c89b5031e2c431c6b090dbe27f554c375b18108d8e2eaeacc48a9ea