Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
27-03-2024 12:24
General
-
Target
2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe
-
Size
435KB
-
MD5
0008e4508abd82c4df57003a7f83c939
-
SHA1
8626d82b25941599e8a8a0a16b4c5f04b5d5e63e
-
SHA256
1aaae9dcba6197a0d41bd58b89c106b6feab4c92b47fe5ae050b71646ecd6bb0
-
SHA512
ccdd7e52f0021a4356bd5d6a707b395c5f4006cf4a5abf7d9bb5cb2cb65bd35122cc785472a48b255049b0b01c3dcaf654d1774c16624f37306f9c37ce84e125
-
SSDEEP
12288:fd4x+ePixnXQjbBXc/R3dS2RQYs2ltjZwP:fd4x+ePixAj1MKANl1Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\20.tmp"C:\Users\Admin\AppData\Local\Temp\20.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe D8A3B5B0961EEA7F256F2E21F1160200C99746B01624F9A06E44E6E6587C3CE7885BD18D53F716E0CCB47717B4EE8363DC5E4D09F9A366DB4D3C712E242BD5112⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5b9b310d892fb8487821e05c4a11cb075
SHA1d508114c437b2d744e70c770d1f6f7bf0be40ace
SHA256311a2eab9fca8dab4cb8edbe0dee2786f97a76ea9a49ab18222f0f2ccea603cc
SHA512eb5d451c3f926cffbed5b4c9b227b381136b65271f9647d7c3e900d883516f66f801b2ae8bfca1353c1ac70694e897d486c72a39b0b0718d235b14ba21cf438c