Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
12-03-2024 21:41
General
-
Target
2024-03-12_e45530727953634dcfe78ea37caaade2_mafia.exe
-
Size
433KB
-
MD5
e45530727953634dcfe78ea37caaade2
-
SHA1
95265cc08d97b8ffc8bfa8273111c488ee87ecd6
-
SHA256
399c28cebfa77d671fe89bd09a54452788ea4f5da380d7d3d5c63dda9b5b903f
-
SHA512
ac31297006c5ddc2b1a3ddea51170e3ba15ae2df88e03480cb46cbb2adfa82298d2c6860bfaa89ed86205976ae34a8a11d99068d6d0043756123404dc89fcb37
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvZX/n7mB1z5GppX8cYuy+/23Ww69U6pdnw+e:Ci4g+yU+0pAiv+z7mfz5EYuivecfNn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_e45530727953634dcfe78ea37caaade2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_e45530727953634dcfe78ea37caaade2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F0E.tmp"C:\Users\Admin\AppData\Local\Temp\F0E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-12_e45530727953634dcfe78ea37caaade2_mafia.exe 3C5D69FFCD5BBB9591361D3D9C6D689F30FDC0F0F64CCD658C9DE70BD3602D13C7108560FBDC8F53640A900033CBC6CA755C6318B1C10545712FF2750BC2DC9E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5818e77fff56152ac114fa3bc852eb4e4
SHA16e86fe50316887856a6424c21817061f072e606e
SHA256bcd4fd36a5bb529ffe13d2c3eac9a238cd3cbf84c536802c098c26ec88c7475f
SHA512f2b765bf7d25b1796f0cbfa2ad8e1f73c42ec35f8642c720b766ab0e84755dd4cbea87b670428ec0584a2f60b16aa3e699fc3c18cb2fff74e3d7e60ec458c490