Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
27/03/2024, 10:44
General
-
Target
2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe
-
Size
473KB
-
MD5
e26c4856c571b3c3a7d690dd7347c154
-
SHA1
741ccc3d33399d7592bfed9831dd22d0fe8ff6ff
-
SHA256
0dde68495dd108dba66cf4260ffc25369fb84676c3005fa33f1bafca1e114d38
-
SHA512
f1b3fb2d86f0477677da0c3e75c976334c65aea507507390085e9c1a991d8b2f6e1be71048f92533c4336c07fdb560509e72698699b7b30b3a47f6fccd0bc2d1
-
SSDEEP
12288:Nb4bZudi79L5tXssuPE5KjQrl+cUY5cp/tEpgA0a:Nb4bcdkL3csuM5RlmiYVEpT
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\11BC.tmp"C:\Users\Admin\AppData\Local\Temp\11BC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_e26c4856c571b3c3a7d690dd7347c154_mafia.exe AB80E410C85AAF17F5C1BD5411E45E482F78F750E872875FAA413DDF69D45C8324004201BF72D6668922F9859A1AFE39A10C67275AA67340ADEDB8AB1C08CFC72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5d79771bbf12f8c0ae3482f91dee50c7e
SHA12b754a9ea01725ed0c234093de503c94253144db
SHA256b39093fc4c8b2ca4df16deb0f9d099a7be1e362bad1d1cb36789d43316801d5c
SHA512892443796e002840a83d0efb4a676b279052c65b64b5db8800c0a299741c8e13ba0c4664662d1813c4a87bd7cf1130385a45e0b735651a349982b77c327bca87