Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
26/03/2024, 12:00
General
-
Target
2024-03-26_e6022a48aa465c27dbd7566d6455a800_mafia.exe
-
Size
443KB
-
MD5
e6022a48aa465c27dbd7566d6455a800
-
SHA1
4fd7d44650add945d7321e5c4b0c6868cec2e01d
-
SHA256
9536b1cda42b887cde377d8cd0bfdf5bd3aada14c5c9ae21bbc1836cd189ed54
-
SHA512
71260969cff50f1e5032a1059cbd21eb31dac1686226e8800304c393539d0e258aeb033fb9c634dd61554ffebf2d753b679b81491b6cf20de77ea7e92e5471fe
-
SSDEEP
12288:Wq4w/ekieZgU6JeulqGZA+PvVXSZcjz01lMa:Wq4w/ekieH6su3A+pmc01P
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_e6022a48aa465c27dbd7566d6455a800_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_e6022a48aa465c27dbd7566d6455a800_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FF17.tmp"C:\Users\Admin\AppData\Local\Temp\FF17.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_e6022a48aa465c27dbd7566d6455a800_mafia.exe 1E26A5D2353AA514CEAA46A28E81A5AFBF5FAADDC9E847634A0A6A170CAA7D50E7D8747266B8D88D29A7C4DD7C8B3A3B09FC898286FC4572D5A1B4FA7A0D4CA42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5fdf0e146f4d73d3ff0410042b8f30a30
SHA18d963555fef158d68446a8ae52f9e9268841a809
SHA256d5c26c7b47aca63dddb047f842f8aa3284e502c829b9d04dde25b20c42662822
SHA5123e7d1524153fe79c74963e0158e6ec626ae355ecc8223b13c6fa7d4be39b03481c6de2a232f5a4a30e9e276ef64439056370896db367232d26e0e579d9afc0c0