Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
29/02/2024, 03:51
General
-
Target
2024-02-29_cbd1d3599f808843f271bc61965c46f6_mafia.exe
-
Size
479KB
-
MD5
cbd1d3599f808843f271bc61965c46f6
-
SHA1
400fa40b56b90416e06d4636860f1d2945a2988f
-
SHA256
f700c565c108136cc06f4952a78e8e1c5555d277829ccc7eff77f45fcf36c788
-
SHA512
38a39ca9d3c9df412f5c00338dfad4ae05cc08d4c2af5e41e9f1b1cb6a884b3c66ca1c31e5105a40b7fee3ec441b1999e8ba52ac02af580f3c114c38da599ad1
-
SSDEEP
12288:bO4rfItL8HArOVWBwLrFlwUyBxV/Z/Vi75UO:bO4rQtGAEWJUyBLN0VUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-29_cbd1d3599f808843f271bc61965c46f6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-29_cbd1d3599f808843f271bc61965c46f6_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1E79.tmp"C:\Users\Admin\AppData\Local\Temp\1E79.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-29_cbd1d3599f808843f271bc61965c46f6_mafia.exe 24434681293B5305A447BAF76F52CCE311DDEACDE03EA83745BA1BD7968D64D739C14E9592A573E6ADC9329C1924B3458663A8E9EF823476DEC2C8E0923F41442⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD598ba2fb4f9c4b6ba7a3e64fe4b748e80
SHA1ead6138b9f87ddcd504294719b7de9f2ea239b6d
SHA25609553c2d99d06beb647338d51cc0e0690777234e1f18d5167c58f3dc74ff2596
SHA5129a951ef43cf5e3285707e4e21aa316128def4d77e4b31d7c4238be7a20de72d5d4138046e3f58fd4f59ab3caa4b09746ee8487b52461f11a2f17ec6143a7743f