Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 16:47
General
-
Target
2024-02-25_e802e2f58f11a763c1515b75d79abda4_mafia.exe
-
Size
468KB
-
MD5
e802e2f58f11a763c1515b75d79abda4
-
SHA1
f61965df368478812c7195f6b6ac180b76c032bd
-
SHA256
897898d7b388c19f6b0c48cb2a677bdb85fe29222696e6461a860a2d4a3d833e
-
SHA512
e19423767a3623d7e7ce77eb01bae2946e53af17233ceb0e763ae94acc5f465f0c96b211c42e18a8e125922538526c6ddb16692cacfdb93356144a32359bba6a
-
SSDEEP
12288:qO4rfItL8HGTci/2Nz/7KVbX/AqPeWmlpE7bWmeEVGL:qO4rQtGGTciyz/7KhkWmlpEumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_e802e2f58f11a763c1515b75d79abda4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_e802e2f58f11a763c1515b75d79abda4_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9849.tmp"C:\Users\Admin\AppData\Local\Temp\9849.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_e802e2f58f11a763c1515b75d79abda4_mafia.exe E938EDBB7003E5F39FEAC7BFE48009549FE6BDDA55DA843D1C8EF041787334499044DAE56CAA86B54959BDC32C5190E1CAA9DF30C841821CB39E3950DA018FC42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5a418a1839443d82c316c382e2011ec4e
SHA1dc6fbc63ea64b6cfc68b6976e24d67daaf1768f7
SHA2566e7d7296f876df0fd36c8b9a0b283c546a0c97a812b12c118d0d0462335791b1
SHA5126379a75e7b313e384f15a37cf3546af58f4d359bd1af92bab12c55f57742d2b02aaa27163adbbfff068cc7cf59eadd77b9ee6f556b52b2446a796ec66a6a938c