Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
12-03-2024 19:47
General
-
Target
2024-03-12_85abb49f3399322b993bab2aa2fb298f_mafia.exe
-
Size
468KB
-
MD5
85abb49f3399322b993bab2aa2fb298f
-
SHA1
d247399fb84cddb4252b2ff9f9076a7cd10a768e
-
SHA256
edfd7fa754b52ae28022ede6e3923507357ca348845f54006d8771067a33b3ee
-
SHA512
7180e5eff68047a6b911440e0d28d525f573d9212fe9df23c656d46371cf4e06c662c3e6f478a55649b4cb3348ba68092279914ea88fb3188f3d6285231ec44a
-
SSDEEP
12288:qO4rfItL8HGuIY1vJjbvM18hZmaIwuuvLro7bWmeEVGL:qO4rQtGGuIivJjb28hZm/uTroumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_85abb49f3399322b993bab2aa2fb298f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_85abb49f3399322b993bab2aa2fb298f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\22BD.tmp"C:\Users\Admin\AppData\Local\Temp\22BD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-12_85abb49f3399322b993bab2aa2fb298f_mafia.exe A3BF47AF56717E30209E7D386F9283E0989E8CC40F410379EFF4EEFA62A70D3AFB3885CDD879FE24FB08BB705B9C80112C59BC188024699788D74093F0D9A6F22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD512784045c95c4f27deb6ce92d20fba40
SHA19219e7f23499cc46604e9aefeb275c0fdcb01710
SHA2568f797b5a133ed5ee5c00b9072cef4a2b3a2ec6f81b7b1d7635b30d264bd83b12
SHA512ec777a6c6b48194df46fa7460ab5921ab74ab563d827cf898301e83ee3e2342a67edfdc599f3018fb8b9a9fbbe61250535d878612c4c1e94b1eba37008443df1