44c6760b7f283c943150e9ec80759ee5159a3a5bb7190ebc8deca0ac817af4db

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
09/03/2024, 21:53

Target

2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe
Size

412KB
MD5

cba4dfdda2254c96f0241bd57b63b10b
SHA1

f90ec2a3ba58186947d8f0b2560093116f5f4f1c
SHA256

44c6760b7f283c943150e9ec80759ee5159a3a5bb7190ebc8deca0ac817af4db
SHA512

08e7583aecb6166a4687b0f20089b24d563c55c7d285befa431394c58692acf89a2bdff27229ed4b326e507a15bd6e6bd15b666f10551b92aa3f9fb0375a421e
SSDEEP

6144:UooTAQjKG3wDGAeIc9kphIoDZnzFyUfWuF496uJon6OfCKvyMBpGZJOdP:U6PCrIc9kph5hOuF4Jox6KvyMKjOV

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2316	12E5.tmp

Executes dropped EXE 1 IoCs

pid	Process
2316	12E5.tmp

Loads dropped DLL 1 IoCs

pid	Process
2912	2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2912 wrote to memory of 2316	2912	2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe	28
PID 2912 wrote to memory of 2316	2912	2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe	28
PID 2912 wrote to memory of 2316	2912	2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe	28
PID 2912 wrote to memory of 2316	2912	2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe	28

C:\Users\Admin\AppData\Local\Temp\12E5.tmp

Filesize
412KB

MD5
7ecf56f0232f49ba5bf5d5796d1c4482

SHA1
6e2f0acd38131bfab48b0a551a7ff7011507dc9b

SHA256
08b1e370185f2bbad2af904c457a04cb5ac466c2996bd447f687873d3e42d921

SHA512
952a941e9d50964504284c08cb291f17b97291b0a81f96c54fcc14d7f0b0e61159e5206709a9fb92bf9518f4d0973d3aa0637b0566c46c64da688da073846f2a

Download Submit