Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
19-03-2024 11:40
General
-
Target
2024-03-19_66942952de41930f89b4b13d7e20ca2b_mafia.exe
-
Size
428KB
-
MD5
66942952de41930f89b4b13d7e20ca2b
-
SHA1
df965c632007ddc96cfc25343b3a0f613ac4a1df
-
SHA256
567d2b92ee1defd3d3ff6a6fafeaafccd957544840c4db833a8d1c94d7095bdb
-
SHA512
5056702eaf1114270b9d022ce252d2366c47461b7c8ca7f1ef2e3777890d6c2c6b35a319da1a06fc796568a72e08c6b4f93a4ed238c15443d659a5f4c447f0af
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr21UGKmZ61bXkDox7Nc7l:BL4tBekiuVr21lKlbMSJc7
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_66942952de41930f89b4b13d7e20ca2b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_66942952de41930f89b4b13d7e20ca2b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9434.tmp"C:\Users\Admin\AppData\Local\Temp\9434.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_66942952de41930f89b4b13d7e20ca2b_mafia.exe 5E798EB78A81EBB6769995191A0B26949D1AF54D937C0FEE297E69BBAF0BC7D9ED8F65793CC2495C342B17359E30DC5F32484096E67FB0D7738034C47B22CBB42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD58835a134156c39305d2f2689cdaa8aad
SHA13267dcc3a7c1a48b32b109b578ef2eb6717c793b
SHA256cb71559f0897f1bb2a296e44222e27da95b724eaf730c8c2afa9fa0ce32daf09
SHA51280a015a19054781f786279c2ca504e2e6a2d8135491efc6ce6ffbacc72981f6eedcc0498b3fb69671d5e2f3e94270d75f16adf003121221c03c9a4d7598291ad