Analysis
-
max time kernel
121s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
19-03-2024 16:47
General
-
Target
2024-03-19_978362acfac63da8b890c247f593c103_mafia.exe
-
Size
444KB
-
MD5
978362acfac63da8b890c247f593c103
-
SHA1
5173f89c72cfe6c8c4a72cf43bf5bbfa5e689cd2
-
SHA256
21e91075be224ab1bb4bb96b07a133dae4c04eede1c560e5850388b837be13af
-
SHA512
6e3c10481e8ef2613a46d3170e1581f2dab424ff0d2e7918164b43a1f38f7c3150f5bacfd065725ff8f215baadd206192df9ce7c15ef27f9f05b7b5fb19dc380
-
SSDEEP
12288:Nb4bZudi79LSASmQWV7vU3/3JYhxhMdWPuePOA/J3A:Nb4bcdkLSASmjhvaZYHhuWR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_978362acfac63da8b890c247f593c103_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_978362acfac63da8b890c247f593c103_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4EBC.tmp"C:\Users\Admin\AppData\Local\Temp\4EBC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_978362acfac63da8b890c247f593c103_mafia.exe 8F8367F2F60F4848C99B4CA16F36711693BEAADD5643E15638AF253DA34A43C87AD59AF01531D9D3C01898A77355F638CF5161DDE0267FBDFFCAAE30FA1ECBE92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD532315059e529b4b93405da62d9ac1b4f
SHA15409529ceae9886cb8c187488bdab0f300b8452b
SHA2563bf024eac743a356b58363e65ae9425c7316958b71f2ffd54038103d61a2fd25
SHA512dba3e8cbe6e31f57a4e37b9efd1623fb7b420b76069bc4f804cd137d2259bc1e9cffe7dda6e5aaca3598c6acea116a5f1a21f7e5cd7b66ade21728525c001758