Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
26/03/2024, 23:54
General
-
Target
2024-03-26_ebd6ca0d216b927326c2d65b4838d5e4_mafia.exe
-
Size
468KB
-
MD5
ebd6ca0d216b927326c2d65b4838d5e4
-
SHA1
2298a225f5baeb1d43221f6698421525bb389860
-
SHA256
b58497cca8ae139b8366700f04e9c4cb80fc66f6db204a6682b262ff4836da88
-
SHA512
63413634fa08498a55a59dea5f142e58d0ccf0160ea4de88b506d9cc9929f2b0434169e7f6353302fb02380f8046d16dca0ae94ff4f5cdfd71e7b14c18d2df76
-
SSDEEP
12288:qO4rfItL8HGhd3J3v3M9KlqePH1Qh1UXkP7bWmeEVGL:qO4rQtGGn1Ms3HWTUXkPumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_ebd6ca0d216b927326c2d65b4838d5e4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_ebd6ca0d216b927326c2d65b4838d5e4_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\46EF.tmp"C:\Users\Admin\AppData\Local\Temp\46EF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_ebd6ca0d216b927326c2d65b4838d5e4_mafia.exe 0C994843D8FB1627AD769A58E4701CBE5AC23B3FCAAEF837E1E629CB6D4CE426A26CB6FEF744454AA5373A1D225E49A22BA957A0DDE03666F5EF95F764BC8D402⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5d9dae1211f042d4977e6e3229aa038b0
SHA14bb8b7955f2032a80b47cc3692658fbe9ee561b7
SHA256a98d4b83ca5e3ebaa9ae77a7a3df1f4131945ff7ff830f6938ec3d9af3cf7fb7
SHA512ab59eedc7713b74153729b95f28fb19aa36a0effb87de6aa53f183cb973146dcac7ce5b4a166ee011b6b70931a61b3819976eafdbe838058edcb480daed22b9e