Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
28-02-2024 09:36
General
-
Target
2024-02-28_67d1ae004fae2a93774037f7bd759949_mafia.exe
-
Size
486KB
-
MD5
67d1ae004fae2a93774037f7bd759949
-
SHA1
9f9735a6dc9a84f033e3a5100d5286bf9ce16a20
-
SHA256
25ae2f0e3366ef2e4022f6c6e3d2995f66c711e39df74d5138f0f34709f3c276
-
SHA512
3b7e7f5251990192ffcca4a1dab51490107788ff12c0182894221f5526064278c75ba68ed92252469a78c738ab30dbf67b4ff43ec0de270a619dc95ec7e72e23
-
SSDEEP
12288:3O4rfItL8HPwxkairukg/OFiLU56Gcx7rKxUYXhW:3O4rQtGPw4PAAaK69x3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_67d1ae004fae2a93774037f7bd759949_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_67d1ae004fae2a93774037f7bd759949_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\122A.tmp"C:\Users\Admin\AppData\Local\Temp\122A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_67d1ae004fae2a93774037f7bd759949_mafia.exe 29D606386A2E2E14172C7AD9F6E8EBFAD2E1EE2C329058FB866275E216720058D174AE0C27701AFC02B11F8402163502A43DEC0EB3376C2150284D1B887384042⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5a6655f9d47345436c9a4cc547cbfa497
SHA1edaf30d6f36cdcc204f0b83ae0d3a920e8d765a3
SHA256040329c5efef25c6f577a0a302ddacd38c986b85bcfde07326390526b0a73c54
SHA51220d68476be6f6c66a9a371cc445f3abb6a95c173e40148e1b6e9b41046216ae2b6adf436e436c0edfe96051b0fc128c9339beb1bdc4823517f0360ac1a02ce9d