Analysis
-
max time kernel
119s -
max time network
132s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
07-03-2024 22:23
General
-
Target
2024-03-07_0ec0109f1b9f8a66842911b1fdd14b51_mafia.exe
-
Size
435KB
-
MD5
0ec0109f1b9f8a66842911b1fdd14b51
-
SHA1
97ba341305c9e36794cbb4c2f86d01a98d44f34e
-
SHA256
51d278f5f1983bd8fa7b0f8c8cd8f2b44445067141d8b750d20733d29881ff95
-
SHA512
a5679f484ff9921aa554de1cae3abe0ca200c54a2c9bae9705f3bedbdf6296230902bb8a9510900d0449aa672ce1bc19daef647897e2be9cd8b8d8880d0365bc
-
SSDEEP
12288:fd4x+ePixnXQjFIgHK/q0Ux5ZApe6N7JwP:fd4x+ePixAjVHuqfa06N7J
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_0ec0109f1b9f8a66842911b1fdd14b51_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_0ec0109f1b9f8a66842911b1fdd14b51_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8B6E.tmp"C:\Users\Admin\AppData\Local\Temp\8B6E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-07_0ec0109f1b9f8a66842911b1fdd14b51_mafia.exe BEBCDA0823986FAB4F8AB9245689B4835AF78FE300EB3F5D9E4C4BDD66F173AE11D1C060EEEDA07CDD5601D27C0375844201966F48A8F0A40BBB373B070D581A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD53163a647f46c365102ad39bb112e2849
SHA131c14d3291918cf50b27e43b6b373eb9c2eb160c
SHA25663653247eb9e788a5f6e65c671cec753257962698f1f812db1e296b5327bce55
SHA512161ae74227f9da6edb927593d9e6754d2b2e05236da31f4ca7afd5e0c672511e505cc15ab7af6900a120736c87472e65ea3fcee4719deebe7b2f6a95dcca3a48