Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 02:24
General
-
Target
2024-02-25_06acf9faeaee6b46f43d4e6c3e02e02d_mafia.exe
-
Size
479KB
-
MD5
06acf9faeaee6b46f43d4e6c3e02e02d
-
SHA1
0c3263cc88531d39e3d52c81d877caaa65c76433
-
SHA256
c23b5a04157e9139a8fc85ab90dac450aa169d3408b165bf6a3962b5d1d8fd8e
-
SHA512
7d67485257b880701d95914a5e2b2480c9ccdeaecdd93916c09159d7ab202d61f0a16e00918b1dae14adfbe84f6ef64a1ac6239d9e21c2d5cc8a51a57db05cce
-
SSDEEP
12288:bO4rfItL8HAUmCJGrFrqID86pQfBzJ75UO:bO4rQtGAUbJ4FrqI5pQhJVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_06acf9faeaee6b46f43d4e6c3e02e02d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_06acf9faeaee6b46f43d4e6c3e02e02d_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4644.tmp"C:\Users\Admin\AppData\Local\Temp\4644.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_06acf9faeaee6b46f43d4e6c3e02e02d_mafia.exe C2703D97AFAE1311DD2E7E576F0BA587AF02473F3A1E137A878A2A5E5DD649DE635872BF1E34DDC44F9D598BF7BA008B4B090B5A5A929AA8C041A2BF318F9E1E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5ebd4e445b34d6c17d41304fac538e782
SHA11013687d6f1b12327d9448ab5b8e89a73b1fd192
SHA256d8fd5a407f58de8c162d07d485df0e1e570b214763aa52a8b6bef0e29426984a
SHA51224e927a6e82dd3643b321b62863e232e17fe5544aad1e66df71218197050a36caf7cd4c479c46a0a3806c230599181a5480c315e7381bb494bce4475004dd70f