Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 01:23
General
-
Target
2024-02-25_0b159560fa2a8de542e0dbe5c3ee30e1_mafia.exe
-
Size
479KB
-
MD5
0b159560fa2a8de542e0dbe5c3ee30e1
-
SHA1
f4108b4762c9c390c057f84893ed4b459d375df7
-
SHA256
e529c86778abd5c2618b9248c99b7fccb00919f18a822be6e1a00263aae9cfec
-
SHA512
9a408bd6815ca52c70e9fa086b416392bb3f3adc4b91a9ab298883a4a2ed3061ed8934236decf31fe54331bba073966a3f7c51e989c1e82026fc11b8a54d7d97
-
SSDEEP
12288:bO4rfItL8HAoNz7DddXflaeDiBAcBt75UO:bO4rQtGACz7DEuirBtVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_0b159560fa2a8de542e0dbe5c3ee30e1_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_0b159560fa2a8de542e0dbe5c3ee30e1_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\13DE.tmp"C:\Users\Admin\AppData\Local\Temp\13DE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_0b159560fa2a8de542e0dbe5c3ee30e1_mafia.exe 4B70AE18DC169C6C0DF537BBE3E60BE78765943EAF82D68E8364830D4541E985A87119829147D0E18709B258CD710A5A4DE38F4EE6C30522CA8C441DF84A01592⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5e6dba3c74e7c83c00917f03562df8a0a
SHA1c55f58d6c9a538080c8c11d42701c0d7bc567254
SHA256d02367412df2bc89987797d4d077c9defcf984fc8a12585b7ef82e7531be31b4
SHA5123f5a13c4beba9ac2306c9dd69b984c5864bff95764c250a44b0d51b4b5cf9900a66a9e9acff00b876617afcd1a9d025e05a49b1939ddb0f901f1fe74e8093252