Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28/03/2024, 08:45
General
-
Target
2024-03-28_826a25beedfe1169fff8592fab1fe16f_mafia.exe
-
Size
473KB
-
MD5
826a25beedfe1169fff8592fab1fe16f
-
SHA1
cb836faa20b2ed9638e4e4e2943022434fdfbe16
-
SHA256
31aae83a1e89e8ce68d5f8f894cd18f7362a357d9f3cb210c74d90fe5def1048
-
SHA512
791949d52b851e8d0385682593777d9d5aeb396001b18d90239712de7f1ad8dda8a67b20eaa322c33d3238d3ad504eb3ac25e0ca0841ec4e766017af9c148dce
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStO39ektXjxMFaWCStgz2ky3CD5MKafOxCMBZ:Nb4bZudi79L139eksaqtgMSiK3VBiA0a
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_826a25beedfe1169fff8592fab1fe16f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_826a25beedfe1169fff8592fab1fe16f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\96B4.tmp"C:\Users\Admin\AppData\Local\Temp\96B4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-28_826a25beedfe1169fff8592fab1fe16f_mafia.exe C9E12DC35DDF7746D7AA3DFC0DBE752C6B4D4933E4B9C3E02A6189F0786649EA5528E27160678C0D61405FAFF4F916F8E8B83B6BA908C8327D5D688886B7C70B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD596a5924662f6f685c823a18df2192554
SHA139d487242883289190e4a1234f23fd0e9498c8e7
SHA25671dd2babda099f4fc63c171dc8dcf4b45675e7ddb9c5f75eeb37085614c52d1f
SHA51218642d204bc6bdad9767b59a0955fe91031deddf89125c6079df9722666670bd2d6b9de0b62fd725b2d58ac915dd44e2407ecf59715514fc2abc2543a226c3d6