Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
27-03-2024 07:38
General
-
Target
2024-03-27_bec2474c88a949d5a8ac8bad6c96005c_mafia.exe
-
Size
443KB
-
MD5
bec2474c88a949d5a8ac8bad6c96005c
-
SHA1
5a7209fd2a81ba5d17545e89d61159debfc51cca
-
SHA256
99165513aa41629acf728bac8b9b79b674b8b14ea5774f6078c7010f5410d85a
-
SHA512
6e7f24c6fdd72500a875d68a5487efb6e96a537e66327ebe1a17414f3dbdcfeb86708f3f37e15f0b125f63400565183b797456cea84bb424f19a7675561f9adf
-
SSDEEP
12288:Wq4w/ekieZgU6SReWkuP3+pAkP51dTnlMa:Wq4w/ekieH6SRnkq3iAS1FP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_bec2474c88a949d5a8ac8bad6c96005c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_bec2474c88a949d5a8ac8bad6c96005c_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C87D.tmp"C:\Users\Admin\AppData\Local\Temp\C87D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_bec2474c88a949d5a8ac8bad6c96005c_mafia.exe 62339EDAF7DD2A6515455AA77BB3E8D0110EC1A812FB1AB37E72EE582067237D700EF2298121B330C40A843C997AC4C22A4550EE16ED49428497E78B7BA913C22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD55b521b88702551c58ab8948660bf6a8a
SHA16aa2c8de1958f9411272e0dac252117bcecf6b88
SHA25644469c35dab26a80ef5dd3fa013e8f7a4b53d12d397a02c980faa1c74578d083
SHA512341805b531cd9d11b8afea540d010525cb4379bbf4b51581eedce238e66fbe0185d72104f2ee6383123f72770ec293c50f83e06e37f78e53b795a27f39df9642