Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
06-03-2024 15:39
General
-
Target
2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe
-
Size
433KB
-
MD5
7f7001c4f63edd5cdb48b0ba66be9eb2
-
SHA1
081574d261ff837a9ce6a6d94d2e699686743c64
-
SHA256
86fea582c43ba58d1da84c839c2936733d9a0bd6ad7181d2c901a9d53dde8bbe
-
SHA512
b0c969ad0b61788a7ba389b51dc2c4024a2c41166abed4799613136e3b15d24cdf1226cac1eebb9b7b0baef197069ef3164eec216a364cf0cf1922822e9af547
-
SSDEEP
12288:Ci4g+yU+0pAiv+TVcFZ2wMqtG1fTrgOfg2TOn:Ci4gXn0pD+pEUqExTEOfra
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\83DF.tmp"C:\Users\Admin\AppData\Local\Temp\83DF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe AB33216DB7F39D905FAD18AE7C4AC875DC836324924E242FC872576BDBC9066043FBBA377DE531AC6196375242DF9104462AC26D8E3F5C719787995BC58AF80A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5f46eafa890b12cf7424c9292b899b10c
SHA1feff9ba9570b0a2490b463d7d6d2121dfca93552
SHA25625b4b8de01a421a1d800cb67fec066a0217795213c609baaa629240f96cfedb8
SHA5129ae84aef1a503603b6e884416bab1152e302c570c5e221fbf3b174d56de42e998480e75af0bf8fb15e8227267043232cc67b143d27dacf0504c347a331e34a02