Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25-03-2024 12:26
General
-
Target
2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe
-
Size
476KB
-
MD5
122f615411031b17f7f9b9f401533178
-
SHA1
9f3047537c2696d200b38fe10ccb2408889560cd
-
SHA256
aa9c8670b4410cbf5bdaee2c02b5e633dfa8497ab9c5cb7af5e9e6a789bfa261
-
SHA512
a84c5bb216e21413309fa3024066479c11000c409a5a467fc4e656e19b36e2f5117b5beb6ba2535a04fca7052aefb5d24cbe3978832c54dc11157505bbaf4bc7
-
SSDEEP
12288:aO4rfItL8HRaQjO+InBZ9V3Ge2X4xK4l8tm00YMeE7K9wlsDpVFd:aO4rQtGRFjdIBB2Fdhq+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\671C.tmp"C:\Users\Admin\AppData\Local\Temp\671C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-25_122f615411031b17f7f9b9f401533178_mafia.exe F4CD9E770CBA20FD16BCED8D39ECB5EBF4519C2411368A3601CD99A8D3E4F0343A078FBF107275C7472B8815128452F9CCB83428FDC92CF4131D8EB9E6D9A0062⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD562bec4727b7c3f6b994abe3225b36cf9
SHA11c5efeef6d1fac24efd04a992985a9fdc3b89713
SHA256e6f72ea02d69cf540fc03a2a3c548dd66e99200aaee5a515eb696b406c2d3876
SHA5120671f35959f0892ee2ec1100b66e79fb90f37aa7cecdadeba1cfd2e149ec1de41b3712aa49898cf51e45c33ed61cacc837169e7b5cdd59cfab65b798bd0efb9a