Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
07/03/2024, 02:35
General
-
Target
2024-03-07_68a430d7e0a968fee2ef00d070226bd8_mafia.exe
-
Size
433KB
-
MD5
68a430d7e0a968fee2ef00d070226bd8
-
SHA1
50260aeb609e614786f8fb4a58f0bb26733ff73b
-
SHA256
aa116a2f87e8eeee372ef0d066c2b706fd1035c185d3f387881d1291ebc766a3
-
SHA512
9d3057a08cd914ff3a1ebb1027d32f695ee6b7a8d9fdc95122497adf48a691df0d2e97ac7380eb35b426abd078f7468bb54c7bafa81b855da76782485f2464f9
-
SSDEEP
12288:Ci4g+yU+0pAiv+jkI9bMcpxB9duyP2vZedAWn:Ci4gXn0pD+I7cpAW3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_68a430d7e0a968fee2ef00d070226bd8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_68a430d7e0a968fee2ef00d070226bd8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3D10.tmp"C:\Users\Admin\AppData\Local\Temp\3D10.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-07_68a430d7e0a968fee2ef00d070226bd8_mafia.exe 5E259C184FE9123736979CFC532FA48AB42EE731FBAD3082F08C2C4D504EDF3C6EC5BD5E30A8C703B8D453E45C952808FD15E6EA1462DD18460FED49DBB27A682⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD51a682dae136717620360cbccc95a7f7e
SHA17ff4f97c01414cf63b65507bd7fc35941573c161
SHA2568806104fc622f1c20d5681043536e28485adbe16d64df44c189ea6a5c5026659
SHA51222621aeb7a71bd39a6eac60f6a862d1a97cd65998076f26f0ff15fdff6187ef77e8ac9c199accc24fd4d76557d9ba8a2fa3d4dcf01753af3b553663536b83396