Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
26/03/2024, 09:52
General
-
Target
2024-03-26_bb13ac19328bd10d64ffb03c2431c4d4_mafia.exe
-
Size
433KB
-
MD5
bb13ac19328bd10d64ffb03c2431c4d4
-
SHA1
47ba2703e7cc0e10907c51fa81ca6c9abfea4a99
-
SHA256
79aea6cea3221e2a8d3514c2729d836921c37fee8725960d94a51d2445e633e3
-
SHA512
348d7ca8daf24d7e2b6b4a68738dcfda8499ab850ed0a8da1dac84c8597a5f653ec33b98f63578f07674359380f2b4c0e18ae2d1feb4b7612c4310b159e36f9f
-
SSDEEP
12288:Ci4g+yU+0pAiv+b/PJMde6FOaeOK+5GlyoHjpwn:Ci4gXn0pD+bJuB8myG
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_bb13ac19328bd10d64ffb03c2431c4d4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_bb13ac19328bd10d64ffb03c2431c4d4_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8305.tmp"C:\Users\Admin\AppData\Local\Temp\8305.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_bb13ac19328bd10d64ffb03c2431c4d4_mafia.exe 8D658E6378F319491AB131E0D7F2642F851C83F4A8212AB79159AA943CBB97BB2F87BE79DF527E9DE5CFDBF2116AD5B9BF2B2DCFD25CB1662517594D30EBCFB82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5db8c830835c0eb64ef9a82d42501a0c3
SHA1f2190305dbcda67662721bc41444dff698727ef6
SHA25642012fc2cc388c72004b411a05b0575b29d4d696561b156e5bff7c5a2ef724ac
SHA512de9eff8b274ffd887a7e4a71f2268fdca10a77eff1cf76e7566f8c57257c1293926768c00515874eed9e424d56d7b149ce58985538c1de7b7512fd42bd22aac4