Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
07/03/2024, 00:58
General
-
Target
2024-03-07_a948dad9f93d8c5183d26484c6c5ba17_mafia.exe
-
Size
473KB
-
MD5
a948dad9f93d8c5183d26484c6c5ba17
-
SHA1
69666971a4a72e5cf53028f02eb94e2f9a1691f8
-
SHA256
2923f2fe039c104d10479265e4bebef305fb6f82e8ccfd172404141f69c97aea
-
SHA512
d6dfc941d8b740bbd66ce5e5d17a416d299b96c862fdddf717d6b3e38bcb45b397cd831f88f17dc8e0746c7acc3b2d73b7be09e75f507da320d9ce455c1c3105
-
SSDEEP
12288:Nb4bZudi79LRA54v79hBiWjMMSwR9UNcRi8A0a:Nb4bcdkLRRv79hCMTs3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_a948dad9f93d8c5183d26484c6c5ba17_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_a948dad9f93d8c5183d26484c6c5ba17_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2913.tmp"C:\Users\Admin\AppData\Local\Temp\2913.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-07_a948dad9f93d8c5183d26484c6c5ba17_mafia.exe 045FFFB0809A93DB5828F86F2BC272D491EAA10423EC3AF7D5E8520F8B3FEBC7F163C094A85AEF2CBE6D6CFACA82476ED49A6EAF1E21A7CCFFC8F9A2369900FB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD51eb1ad742b7f5d349567a12ed49a03be
SHA1925af30b6841ad41827e91a1a86af6e49c0d0fc7
SHA2562092efa9b350c7cf5b9564b660712a2d299ff8ee709206ffd09bc2d8dfea3582
SHA5123f049fc6efc42cf19ecba49df6ffdaf264752fc174a38fd9ce2767e7114f333a30da18cf17eaf0a01a1bfe3fcdd5bb50103149f5a36477a5cc74181f21527121