Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 13:02
General
-
Target
2024-02-25_6298b2155549970ecbd0ab8ece9e05d6_mafia.exe
-
Size
499KB
-
MD5
6298b2155549970ecbd0ab8ece9e05d6
-
SHA1
3155d5c3f5def2e63799757ee410adeac05901a0
-
SHA256
c42843656a2412241d98a91fe92b221419f0e1d7bd9769017549a19bfa6bb731
-
SHA512
0a34435f6a9bcfcf253d187ecd174163067a366529dda2b4b6071e6dfc2283d689b30bcb43143f13a0d8c5355b9f67b85daea5b0fd71c87c61ae7ed27b79cdba
-
SSDEEP
12288:sO4rfItL8HP8U2l1a24psw1G/7dmsIhiqlj:sO4rQtGP8aR6OG/AsIhiqlj
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_6298b2155549970ecbd0ab8ece9e05d6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_6298b2155549970ecbd0ab8ece9e05d6_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4E10.tmp"C:\Users\Admin\AppData\Local\Temp\4E10.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_6298b2155549970ecbd0ab8ece9e05d6_mafia.exe B7518ADA7B65B25E0955E32E6AB8D1C31AB54A4AB9D3ABA632BFA3F1E8AC266F7717D03C238AA949D0EE5D106C813FB97C98FDEA019DCD4ADAD97C88B3850DC22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
499KB
MD50ca77e2b5e1f0bf425bf4cac6b4bfd91
SHA1e5742f9758ab54c3230ca088b949464a6fc7d943
SHA25684ae879165fe8c174f8a0b9daff09e1a0e0aa495ad4c9cf1f033170e9476801d
SHA5125038724ff8c0a94d7e4de3e347bdc8f018622c68f5fb4db6b604762c5ac1b5f18dcf6fa654479ff35da0a3375a555d0ed16bec97d62ddc8831d5eb2b5a442ccd