Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
23-02-2024 05:58
General
-
Target
2024-02-23_7fea89bef5b03515de2cea46f8a0b521_mafia.exe
-
Size
613KB
-
MD5
7fea89bef5b03515de2cea46f8a0b521
-
SHA1
80450351ff6539202fa01f75366cbbe6e6e0305f
-
SHA256
e831daeaa3dad7b25f14c86a86a76859ad4c933faccdf4bc9bf2bfa4570fe7d2
-
SHA512
993fb613517cd6f68aefb53cc2e8b44084a8612f49e6ba117b98e7d07aaa0356998e53830da3135d16d2411efec718a6b06c7b12acaeb20ba2c81bd17bc96f0f
-
SSDEEP
12288:XO4rfItL8HPF5wk++lwKKiH+1ow+Q7Q8mO4rfIt+2:XO4rQtGPF1PRe6w+QdmO4rQt+2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_7fea89bef5b03515de2cea46f8a0b521_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_7fea89bef5b03515de2cea46f8a0b521_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8BAC.tmp"C:\Users\Admin\AppData\Local\Temp\8BAC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_7fea89bef5b03515de2cea46f8a0b521_mafia.exe 4483493DDA5B5A9B34A14D8863E1E2B8107D48642A23B5203A2D24AD1369F342B0107E0EEA8870854563469CECD7E042C714A7F4DCEA7C619B6940FEE01A62142⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
613KB
MD50aa9f23890b2ee3d9d972aecde7494fd
SHA1388a48d28429f87c1461e17b525f381c23e254c4
SHA256efb788167f3a797400adc6506f9b4a88eae9f79c28fc0242c1892df881279791
SHA51273a495ab4f17ef9661f8ad80a884575cc602ce5d2dc6578c525c4bef519b539d3599e11151c99cbf906a8810dfb082c825f5ae8d77444ec6af353e5d5215186c