Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
14/03/2024, 11:53
General
-
Target
2024-03-14_f705a818b8c56b465a909d167d1e3bac_mafia.exe
-
Size
428KB
-
MD5
f705a818b8c56b465a909d167d1e3bac
-
SHA1
251278682e19a58ec032e3d2aaef46414976c671
-
SHA256
3a1bd4b8d2120681b62b4aee1b08e76f18acdfe576475be6c1c42a60151e9e52
-
SHA512
a7e23265e64612cacbabccdc5c3fd5352677f44d1cbb9c48cb76dc25690cabf6699e006382e177031d4b51d169044f0958ffdeafbccc9ae791b812e0f4744cf5
-
SSDEEP
12288:Z594+AcL4tBekiuKzErnvzKu1UkZHmF9LnuMx2l:BL4tBekiuVr7xZGF9Lbx2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_f705a818b8c56b465a909d167d1e3bac_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_f705a818b8c56b465a909d167d1e3bac_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C8E.tmp"C:\Users\Admin\AppData\Local\Temp\C8E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-14_f705a818b8c56b465a909d167d1e3bac_mafia.exe 330503437A81561BC509395CA804003378339E3F597DA9FA9B62F58BF2696E4A5912F982891B72FDE57ADB753EC6691ECEF86B455D4BF246194F8C04E075E17C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5473e766da7a366ea001334c1ec0ca162
SHA1247976c91b4bf5b1ebb8f9caf90ab47294b610bf
SHA256b8b85fce465ab50783e0ae92fe1fb580ec3ebfed6087a241cabf4f1d9aa65b9c
SHA5125189627c20d97a2d470ff40d677d6daae4ec944691323cec91ac8754e565421b2937d21cc87eb2c9763d21d703fa135140cfdaf9c8ec4834ba504b54d7ac8202