Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
06/03/2024, 15:50
General
-
Target
2024-03-06_d68ff8914f9c05f0b33c60f14fd0563b_mafia.exe
-
Size
476KB
-
MD5
d68ff8914f9c05f0b33c60f14fd0563b
-
SHA1
b9ea3f20162389fd63d34667c537b89e55afedcc
-
SHA256
a16cdd933b0478a57955a5c3fa9590404a9793a23c4f864052300bc371d161a1
-
SHA512
34fb7be40da62ccce725a79c837079a2f3aacc68f93fc4f75aef3ec3353490548a4a495d4814457fb59e673e23da0d594b2a8eff0b85e90a151a27e270663952
-
SSDEEP
12288:aO4rfItL8HR0RWDUSeCtcZbnQY57K9wlsDpVFd:aO4rQtGR0oDUetcZEs+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_d68ff8914f9c05f0b33c60f14fd0563b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_d68ff8914f9c05f0b33c60f14fd0563b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\66FD.tmp"C:\Users\Admin\AppData\Local\Temp\66FD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_d68ff8914f9c05f0b33c60f14fd0563b_mafia.exe 8DAD91F957C697470D9777348D6A211E78D7853DE1AECD564010D050FC3FDD3BDB2E4E6A8C5425BD5C6D8352A934767AC898CA750453047761B74FC4E4ECEEAA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD52c474385f43c92b006eccd6ed6359dc4
SHA1d5003100e82c4ceea4cf232fb81706ef0899af91
SHA25671d4fdb5b8de6214d22752d141ceb3832d659d69466436ca4d6b8474e0183f3c
SHA5126cc112a889dfe6a3c0376640ce9af2d58e78e505ab8824506993e2e2dd6ee2ed755eb1a9d14346da4d20dd558938ffb88312cbd0f91b9831d91d59a4ef44a44c