Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
27/03/2024, 19:24
General
-
Target
2024-03-27_142ef2b5652e6f42e7bc3083f2648d6b_mafia.exe
-
Size
443KB
-
MD5
142ef2b5652e6f42e7bc3083f2648d6b
-
SHA1
16ab64852f219f8ff0c7f664cc4dc4a3262085d7
-
SHA256
8467b4d1e156a544f0205f226e5b1bef42cccdc24fb3d57938b29a156c7ffef7
-
SHA512
add4f911b65879ee0614a52213ad5b28318e421e5ea1617d5d5392fb7b0d9ad9b6ec4d8cfc5100111caf2b10a3728d30e8192e91962b217407054c0304dc081f
-
SSDEEP
12288:Wq4w/ekieZgU6XnJClancO+nZ8k5VwNHVlMa:Wq4w/ekieH65ZcO+nZTmHVP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_142ef2b5652e6f42e7bc3083f2648d6b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_142ef2b5652e6f42e7bc3083f2648d6b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\479B.tmp"C:\Users\Admin\AppData\Local\Temp\479B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_142ef2b5652e6f42e7bc3083f2648d6b_mafia.exe D39F6D6DF589894252AE275E746F4C7D2C017F4697E04F463F4D37DA4C23047C042233A5A7726EB9009439584800C7151BA2A65928095A51FF5BBCF29631C1082⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD585efd3cc9367f913697c4c50d365f238
SHA15aff37848c9f2ced0b95035d082f3d78445d5ea2
SHA25688ca5660e139459afc077de00124ba8f257be68c6d3cd1a30edc7c2e48abc3db
SHA5122a6be3c8fcb1dadd07a0eb0feea6b108a41ef8274d92982864b6a46c4f5b11c297fc2eaab4e4c24a663ffa015102e367517899ecfb673dfb20011ed2fe5676d9