Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
25/03/2024, 19:43
General
-
Target
2024-03-25_e660795b33fe6c1df1f2275087bb15a9_mafia.exe
-
Size
433KB
-
MD5
e660795b33fe6c1df1f2275087bb15a9
-
SHA1
aea2c6c36c27a69e32f9c841b163ed42a0d6babb
-
SHA256
0df6be0793a66057cd0d7967aae7cef05ed398657584038ea9e856dc98d2f10b
-
SHA512
e1d8008d526205d71cf1300f9c7e5506877eaca13f26da4c910279bc1449ae1fac82adbe17dbe78bf5fc601b8ba363f3bb569ca2e3402496e94e867aa37a0b33
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvDCZ/7ivBKd4kch6oHcVs1xGs03jkZLzIagy:Ci4g+yU+0pAiv+xCh7gBCWeOGscNan
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_e660795b33fe6c1df1f2275087bb15a9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_e660795b33fe6c1df1f2275087bb15a9_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E62.tmp"C:\Users\Admin\AppData\Local\Temp\E62.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-25_e660795b33fe6c1df1f2275087bb15a9_mafia.exe E0594BC0D48FF3AC6D8C1361DDAEC193421E995E13909D05D053B6A7816654785A5047E40EE7878A790A1734733FD0AC27815A51795300C0339911A4409928962⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5f82d03738e86998c1490d3d5dd126a53
SHA132ebfeb6d9f37520a822e98e116174f1c8a67bee
SHA25620cb7209fe9425aa653ef22971f1cabcf7e12375a3de7b1959906c53a5af8e11
SHA5121c0f6f0f7e5904f4aff953fd81d1d36d8ff341dd3f6ba0a5b107bdeb7f933cf6778b6d42af000029d930d2b1af69d1505e099428e3668b9a2cd262c816ed79e1