Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
24/02/2024, 20:24
General
-
Target
2024-02-24_22cb54c4b0062dd760d1bd1f6121eedb_mafia.exe
-
Size
486KB
-
MD5
22cb54c4b0062dd760d1bd1f6121eedb
-
SHA1
85857ce7c33a2af73b33eb5ccd6562f13965b029
-
SHA256
bd3d83f94b46748a84ae634076a864c5fb8a46ca1a3121f7faae6a352227f6e8
-
SHA512
24efd122bfc28f06a46eb5edc7506373d798ab5c4d8e4b384f610eacef6d0a315d2fd87a9ad8ad1985b74ef3e91092d13b39a1d7d36db32188f13a6ddc8268f4
-
SSDEEP
12288:3O4rfItL8HP+XlRLNrSzSfqHFildOgxA7rKxUYXhW:3O4rQtGPgxqUqHFKNxA3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_22cb54c4b0062dd760d1bd1f6121eedb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_22cb54c4b0062dd760d1bd1f6121eedb_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\88DF.tmp"C:\Users\Admin\AppData\Local\Temp\88DF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-24_22cb54c4b0062dd760d1bd1f6121eedb_mafia.exe 88A389BF8DB66B28D27E570E39191DACF0C845323F9FB61670A0BAC57E85BB28574A20937A2EC70B4A15E8A7F44846582CDD1423E53AB84FEC4FA2B03D2031602⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5db6f4354f531eed3b7a075c1c91b1225
SHA12ab81124b9734e2fa33c96b5b4e7eb5f526a630f
SHA256802f1f126c6d5ceb89b8519823d0400aaf178563e8f48e0b6ff42c4bf475e351
SHA51218062934019697abd066eae0679ab3d5f92709cd3f62f3d8b71728bca241773dc8830cb34662444c7c6981b3876dba5877e7f74d7a93879f8e052c7a1607b1be