Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-02-2024 12:41
General
-
Target
2024-02-28_ae4d6bd1f97680fadb72335675c93b9e_mafia.exe
-
Size
444KB
-
MD5
ae4d6bd1f97680fadb72335675c93b9e
-
SHA1
b80ddf925a32cb108a59123213fe00f63b1cbf13
-
SHA256
b79c5ae4d65430469879ae59389e855df50cf46ae29cd4c8549c5550266cef5d
-
SHA512
ef0b964a23ff2dbfd44737827c9a69123255de18f2478148a911e32ede3ca1974f75881c37f3f81eb2e1b6f477e83991fbd8c71272b1eadc5d9f3cbb5544eb07
-
SSDEEP
12288:Nb4bZudi79LDFI4wSCoelxv/hrgIcdguIxA:Nb4bcdkLDfwSCoAx6
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_ae4d6bd1f97680fadb72335675c93b9e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_ae4d6bd1f97680fadb72335675c93b9e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2D09.tmp"C:\Users\Admin\AppData\Local\Temp\2D09.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_ae4d6bd1f97680fadb72335675c93b9e_mafia.exe 98EA9EC0579C0E9B83B8896062BD60F5574AABA79E5226D0B6558E7148D52A1D9EE0E0EA5764664EF16DDF262C92825AA7FBD219D73F8C8A210DDC914A3513612⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5f6de46d82c5df44c5e02eace97fcfe48
SHA189f6b796f95b962a7b33317859cfa9c35ad0dc27
SHA256d5d1a451ea8c007ebc4b5bb20489ecdb01acabac1bec833df31c7afb5eee0d22
SHA512d3ffaf427f8c5a273cff3c9756f5227a782161f3baf57b6ebddd43b49646c06a1199fab0f41c040d0b9e38cd21fde1773a76c7f9f0e38fb040a3691a54c6aaad