Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
24-02-2024 17:47
General
-
Target
2024-02-24_6efb820162c47222f050c26ea6c2ba3e_mafia.exe
-
Size
443KB
-
MD5
6efb820162c47222f050c26ea6c2ba3e
-
SHA1
2082004eca07fb0f71f0447030aa00ab66486540
-
SHA256
e8054da4d49c57f08a5714544204f7923e7f39d07169b4aab3e480a8d947be56
-
SHA512
1bac332b9a1a15f43695696c8a62ea8bc4fcadc7e11171112dc9df0ea84e5ef4a1ab3d74c8e7c3764410117753a1ead6244a78e377a6af039828ae0125749e8d
-
SSDEEP
12288:Wq4w/ekieZgU6yAI+oejXSmoRlfSLPalMa:Wq4w/ekieH6yAuebtorfgaP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_6efb820162c47222f050c26ea6c2ba3e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_6efb820162c47222f050c26ea6c2ba3e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2C10.tmp"C:\Users\Admin\AppData\Local\Temp\2C10.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-24_6efb820162c47222f050c26ea6c2ba3e_mafia.exe B183B61379A765B5BF3DF803BD3FFF4A24AAA384C477D876E20A9176545EB5AF6965AD974D647FDE56A3473E622C0B77D373CFB4DC0274E3B4F558767AB8A4A72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5350d4fce9c5963302e3660757039ad20
SHA130e192b50ede1bcbcada1fd18a137093032a14cf
SHA25630460b6ce8f3f6f5523b3f21d41cb5d715ce1facf3f8bb80f4a5c34cc77f8351
SHA5126ad1e0a4d3b3c442b5a3a269b97ff1a660e5e6c27641d43b50fff6947c5625c22f33cd31eb6cdf372b088969c33c078ef008edd8537896bb86c1437e6ec35861