Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/03/2024, 11:50
General
-
Target
2024-03-25_cdb23df93e770be8ade255b6ab0ecc81_mafia.exe
-
Size
433KB
-
MD5
cdb23df93e770be8ade255b6ab0ecc81
-
SHA1
350f32882a1a119ee707fb68bad15f61190e79f4
-
SHA256
d5d8decfd0fa13663e81c3b6d83c0f7d62ef7965892b2f50a69594ee6428edae
-
SHA512
9d889f2657910e61f402d2ced88711d2069d6c6d70ce316d78ab3e6b12b2772f4045b55fbfd53f0f7a2bbe22b3940bad28522614b7ccc3738228c4b5de95f794
-
SSDEEP
12288:Ci4g+yU+0pAiv+BBVbfnUqR9X9llYb8M63Dp61Kn:Ci4gXn0pD+BHzn3hloy3wa
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_cdb23df93e770be8ade255b6ab0ecc81_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_cdb23df93e770be8ade255b6ab0ecc81_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\496F.tmp"C:\Users\Admin\AppData\Local\Temp\496F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-25_cdb23df93e770be8ade255b6ab0ecc81_mafia.exe 5D6412C63D1B4997C889A5549A976EE28E6142CA0C93DEE8DD4A896C3A3B2BE9C6CC303E7B86DF036B2084DCA2A0DD2855165AE3860BC4D4E4376254B63821262⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5fd59b20b5be6095c9c3747a88d2f5a56
SHA15a9f7f0df0cf0144de28f697783d9e6aa3cd6e63
SHA256c82007ced4d67fee0896e20ef1766c8d1c825e4c736ed01814b98d717e3231d0
SHA51212f955c90ee3c08dba49b6c1596e41d2313904bd2d46bfa94ce58f1409af1010dc92fb024f64509e231c7a49ad2fd21024b1ea5d9895ff6bb41918ee92310d69