Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
18/03/2024, 12:48
General
-
Target
2024-03-18_cbfd7a0d05dd1ca11c6990c62d916781_mafia.exe
-
Size
486KB
-
MD5
cbfd7a0d05dd1ca11c6990c62d916781
-
SHA1
69d72cac20334c2e44fb8d3f877e5bc8f8853854
-
SHA256
c8a328f4fee6c6bd2fac34dde138b3dcb15dffabb8f4462a4a7182e1263c0225
-
SHA512
633b8a02a320989d90e5c16dcb640dde352186f8fc9ec1852d1ccd3edbfe9edbe4531c4d924d2993c2957c8d9c0f15ee35df4563cd7cb88143bb173eaef0aa16
-
SSDEEP
12288:3O4rfItL8HPJ4v6Q27kGXNFHULdDkn6w7rKxUYXhW:3O4rQtGPJ4v6Q2JXNFEI6w3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_cbfd7a0d05dd1ca11c6990c62d916781_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_cbfd7a0d05dd1ca11c6990c62d916781_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4460.tmp"C:\Users\Admin\AppData\Local\Temp\4460.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-18_cbfd7a0d05dd1ca11c6990c62d916781_mafia.exe 09C2FDDF100B9DD96504197E3CC172233ABD0AA9EEC930CD904E1E3AF9732C6029D28FE594C81517B1B94FA7EF56BD90652144262677C3E98C4EBA058A3346FF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD59deae489ae958498abfec917d97e11e4
SHA152677bb1c974ddb5a787b4a05948b446ea3d5d48
SHA25659edb6630873373ec610c7104eb5151945e763b79b3bca45032a0bdcfb83dbef
SHA5121eb2024e30ccb49b7a9c180335969a2f10b897bc3c01356c2b547bec48504e365a3b4c7e31d849086dd68ff6bce4e36389cc4597ea56afa94ca78b4dea2b5282