Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
29-02-2024 06:52
General
-
Target
2024-02-29_e1335f706dc8be664b1273bb66d52a70_mafia.exe
-
Size
476KB
-
MD5
e1335f706dc8be664b1273bb66d52a70
-
SHA1
c1c5b55a42d486000fff596e707be643084f7f82
-
SHA256
a2e632aea041528f5583a41773b40ae1b3924e84d3d8412b10ca2e97171e5767
-
SHA512
ac6eee5030dcdd060ac211853edcf4ec93b1578fb348a86373ca281e8e550ecf99d5c25f9aa1220f056523c82c9f9c37d700b1936941fa8540028c2e5525e34d
-
SSDEEP
12288:aO4rfItL8HRfAAz6odjZ5nvf+a2ZMw537K9wlsDpVFd:aO4rQtGRoApjLuaSH3+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-29_e1335f706dc8be664b1273bb66d52a70_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-29_e1335f706dc8be664b1273bb66d52a70_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9C30.tmp"C:\Users\Admin\AppData\Local\Temp\9C30.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-29_e1335f706dc8be664b1273bb66d52a70_mafia.exe 839780A7C7B63662B61D6B9DD2FB3570748C92C2E346FA452CF41CBE1D4130BBFC1EE181E4916DE0A2642E723EDF6C56CC38A6393CB05CD5B77836F8D4899D5E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5f284a29728e910d8ff87a95d626b9bce
SHA148e6c268dc7eaa92c33a143c9099b8877652f4e3
SHA25661887bd7932a13ac746d64152f4effe9ced3dc318a8b95b10a3b34160354dd75
SHA5121acae6a08292238621827070e9794de7c02bb7e3184018b6a7f2260fdd79619b0951d1c4cbcb8ede9dea937480bab9929a331d2d839ac6bc50c0ecfa72b6ce86