Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
23-02-2024 05:50
General
-
Target
2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe
-
Size
613KB
-
MD5
7282d79bf9211b481815b91129df8c6d
-
SHA1
66cc6cc838a994c32a38f859ec73cd1e9fef2b08
-
SHA256
ad8afc243951f168da3f836462fd91ce32c652f6e515c6a3c15f2ef0ff3b6131
-
SHA512
39268b6b0caebc34ea960c663a0e1d2c9de2e3febdb8d40630bc486216d165ae60030d5c395be7da205dcc01931efcfdec6cca6ba599d3cb8ef8dc0942061359
-
SSDEEP
12288:XO4rfItL8HP8FpnwGfaxKikK1ML9a7Q8mO4rfIt+2:XO4rQtGP8FxwJP7OLgdmO4rQt+2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B18.tmp"C:\Users\Admin\AppData\Local\Temp\B18.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe 18835DFF27E5B46FA65EE158217CE12F2B05E95658D1F4AE2F03A28CDF8F771C59196B9F2597A8E1323A8ACBE3FFBEF5490CD56906DA450D891BF6A154A7F6402⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
613KB
MD55b25cdb8d9560dcf597f9c6bf67ce284
SHA1a6977e5214dfdd895cf0047d88e76a0f85d8bd95
SHA25649965103879ed7c45ed2bda96acd3a12e74f35fbe4df99e08a0a84b5f738b3c9
SHA5124b577f704d2da2766130610f6c36bd208697d3352d1022d90de2685935407cdb348a5bb820dc6176d5aeb10d3858b67424bf9e366bbbce284d851af4f6228545