Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
05/03/2024, 15:36
General
-
Target
2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe
-
Size
435KB
-
MD5
8fff270a1c8c948ce955b3a95e9abb48
-
SHA1
8e56f769776c2caa207c6bc39ed05989e77224dc
-
SHA256
87f3092e43a89bf4f8aa3f08cfc78b8f6d7c0086d42bcc5a5fa63ab9be34b5be
-
SHA512
e3860b22ea532ca9df2d439bbdb4f8e69b2d2f47d1f2a728a41380146bd31f76171a00f3de3f7cc94c26746d2d1887b0b20c8fd9ad7f371c0f13a074c8e6f0be
-
SSDEEP
12288:9W4ufepiqKQ1mc42qdUAhQ5MGLZzkcKwtrotIJ:9W4ufepiqhmcxqiAhH+ZPBoW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\337F.tmp"C:\Users\Admin\AppData\Local\Temp\337F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe ED712E1C7575B0CB045B7641E098BD504BCF64AF2E09FBDBC0BA526B0117B8B906A91EC258881B5093BB069C9F53CFAB65063A5AB52EF4B7838287C783DA35232⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD50e649ba3abb75b1f2ca61267c0c2eb08
SHA174423988b126f65d8adbace425fc2ef48f783f45
SHA2564eff78d77ec75254ccd7841547ddbd36973865c15300e4cd782a2fc763b49ff6
SHA5122a93d0e354bade793e97a8427a94a3a7d39d18d631cdd3d446a045b4977b5659a9598007db461bfd08ff65ce8afd1ecf729d3773f3b489698ea5612fa47921f0