Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
05-03-2024 05:52
General
-
Target
2024-03-05_69f967ee6f500a2013f007998f612026_mafia.exe
-
Size
414KB
-
MD5
69f967ee6f500a2013f007998f612026
-
SHA1
30c50f8d3e046f6c884db7872de8631e28171c2d
-
SHA256
76c424899e980e14f92352530051ad019a82e4b644cdf8446c22cbc628b82d1f
-
SHA512
707b1b3bcf302cf3b42f2482638f11d0d8fb5884504b01d679e545b5183102860b3d02410316f984fb258c17a8678133703ad29fc0bec2642941fa895ae2d086
-
SSDEEP
12288:Wq4w/ekieZgU6xxysSb963QRCe1VwgqOLZl:Wq4w/ekieH6XK96AQe1OOd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_69f967ee6f500a2013f007998f612026_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_69f967ee6f500a2013f007998f612026_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\117E.tmp"C:\Users\Admin\AppData\Local\Temp\117E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_69f967ee6f500a2013f007998f612026_mafia.exe 2C2A51215E9D73872A0B83BE1A67B78D822F732716B9144AC74915744A272C17A25992895821AAC2BC5CE02E256443905F991F93C13AA4A8CF7F714814BF4BA12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5eba10ca8df1a10d3bf3795bf45424a79
SHA1bbe77f18104491cf59bd9a774ac9eed6ad10ee03
SHA256008dd5946db958002982a20fe7b0f8f98989aafc8e7e6ae4f03620d521be2b78
SHA512a39288ff425c8b582f3c695f221ebfce0dc722f7423ae2f03bad58aae65f360753e9547bc0fafbe42e90c3fea9bc98efe4e0fa029992dbf2513ee512abc41729