Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
06-03-2024 17:44
General
-
Target
2024-03-06_749f8d82d584b52173c961761fbc3141_mafia.exe
-
Size
414KB
-
MD5
749f8d82d584b52173c961761fbc3141
-
SHA1
d7636840038e7c284fa0706bbbf500c9f0e83281
-
SHA256
97e8ddd074a01a91c23ee5bba598851ce275a4c5939a58e25df1262b923a54ba
-
SHA512
c487d5c1668deec0c5e32aa33e590eaa6e90326e9b7bd042aa3c6da7043a3aabfd234a0b191124ab8bdbf914b1790f61ae0213d7a8c6766529288cff2f30398d
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYyUrRiOjaL9C7I5tMzs65qpfjlH2TXM5UkN77zl:Wq4w/ekieZgU61Kikyv5mzS76GTl
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_749f8d82d584b52173c961761fbc3141_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_749f8d82d584b52173c961761fbc3141_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B28.tmp"C:\Users\Admin\AppData\Local\Temp\B28.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_749f8d82d584b52173c961761fbc3141_mafia.exe 19D094DE15F99223C91964B5983D9041352E54D922236F1F5704C5E8EC8A04BDDF959734B2D7D25F5946E4801EA7CBEEACC47B4A0C7BB3E6FA23A503644395982⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD55448e5cbc723a93388786f96758714f1
SHA1d29263db721c4b1cb0877bf750f80800fc683281
SHA2563c3b1f38dd6285e4f686261c756a36a3f5d9fc3b6315436ef66fff043ebb84e8
SHA512b8e35f6fbb5af11d56accd65f9b3cb05bf480aca85f00a764a655ffba567b835646e6f6bd73a5e60fb50123bc116bb54ee5326196159bdcccbf23a73ad295799