Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
05-03-2024 21:28
General
-
Target
2024-03-05_2210a5cc4984d6d8c52b3846d9a2a05e_mafia.exe
-
Size
433KB
-
MD5
2210a5cc4984d6d8c52b3846d9a2a05e
-
SHA1
dbe015046a57928b3c3422c5c7c9bf386ff52160
-
SHA256
3b7b7532e19f828da488204f8fa04c15207dfe718e6c17caea35546b8c0b35ff
-
SHA512
47d3284a9699b2c16957633f824b2f13f6e0feaa17a85d4092678da5a8767ab4be7ff08036f2c7969ca5b1b2d969818feb3ccb96827100bb13981dbaaa608bca
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvTrO9qStGzQetQhS8ggU3WvgJ7NuNPhc/Lm5:Ci4g+yU+0pAiv+4997clNEoDmk4n
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_2210a5cc4984d6d8c52b3846d9a2a05e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_2210a5cc4984d6d8c52b3846d9a2a05e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1E3A.tmp"C:\Users\Admin\AppData\Local\Temp\1E3A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_2210a5cc4984d6d8c52b3846d9a2a05e_mafia.exe 93809FFF717B32FA5E16BCA71798C677D963D1AC70BDBB1B2AC2E779CF53C34B50F2AAC777DA522C654B96BA6F94E75EAFD97F2413D043D1270C9C81B0C3083C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD585101ca703d11a4df3dda3c87e94ad01
SHA1108cf3d7eb8d0df630c98b330e1ce84a35dc7391
SHA256a0e6211fe26dc83c60abb151b978d34d52dd7e82343a00842439634062eb5fed
SHA512538236df5e8751b990110582f60532a9e3f793ca448ee63eb732f46b14aa0bc62e6a556e7e714d51d2678852709d46f017e5e848c34c11c67ea3ee6729e16be9