Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28/02/2024, 05:11
General
-
Target
2024-02-28_8978d4f7f7ade5db138f5109fa8dabbc_mafia.exe
-
Size
486KB
-
MD5
8978d4f7f7ade5db138f5109fa8dabbc
-
SHA1
fd7e081b81f0754d6ae466e51a74ac10adfc1754
-
SHA256
df2b27ce3177c82095eec28af7069dd5bd87834220169b050dca4cc9de300427
-
SHA512
d118935873334a7731bdf042ad804598e67e70e3a26bff6280e1df82a7b9f078b034c7c161809e782a19523e3a47ae10923865f867f253a04dc6149a50a1f641
-
SSDEEP
12288:3O4rfItL8HPJ7v1g+RPpUJD5dktWu8wvT7rKxUYXhW:3O4rQtGPB1gwPSJ5d103KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_8978d4f7f7ade5db138f5109fa8dabbc_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_8978d4f7f7ade5db138f5109fa8dabbc_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4376.tmp"C:\Users\Admin\AppData\Local\Temp\4376.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_8978d4f7f7ade5db138f5109fa8dabbc_mafia.exe 2FB1D5A18D4113BA037ABD156FEFBFFF5F8E6B485FF19736DFF5808BD3D89E671A8F17895594A16B79005758036AE573110B98479AA68C3AD227EDE59CE209ED2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5a243a7228b076ee1d1bdc3011e352dd7
SHA1a4365dc69db41360eac8fac6539ca5a494b38c5a
SHA25680f40b41c3f83b2b9e53e81520ee18fc2c4d55733da997b9fecaf156f0bc7705
SHA512df5e407758e2a005cb66bb21cdaa41709a1f5bf9aad5a0ab923e92e748020164ecd4098a95f23752c654d485a7cc0898ecc35161b635027f72bb6c95d9688b52