Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-03-2024 17:35
General
-
Target
2024-03-28_8226f4f8d205cafacb5908159d80fa58_mafia.exe
-
Size
428KB
-
MD5
8226f4f8d205cafacb5908159d80fa58
-
SHA1
ccae9dc3401a03473da7db3cb353b287b2539b69
-
SHA256
33a37254e58d1b88695e073f33e95852cf6bc3124d3d6f82e084498d9b20c686
-
SHA512
0e6108dc5131ac57167c59e9ec37ba32db055efc5b11458e167a224d2214ec6309d0f0fc9216dd9ad4420909b4a4e2e9205b50aa37a72d30017351ac0b9cbeef
-
SSDEEP
12288:Z594+AcL4tBekiuKzErCZlcqoahYWkn9QXfgR/Ul:BL4tBekiuVrCZXoa0nfhU
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_8226f4f8d205cafacb5908159d80fa58_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_8226f4f8d205cafacb5908159d80fa58_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4D65.tmp"C:\Users\Admin\AppData\Local\Temp\4D65.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-28_8226f4f8d205cafacb5908159d80fa58_mafia.exe 4FD49D816DE32989A59B8BDC4AEBDE1F8F4B885946A0641806F57C4705A915DA01D778B3359C5836B9520A4BF9629FC3BE7316FBC3BDA5ED88CADEF4DC22625D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5d24a8079cc245e38bb16e60a7dcd207b
SHA1228648ea5f73b7833e6b60d03242c414fb6a96ba
SHA25605fd99371f984a410ee8524246c72314d2c73581460656a47dabcebadfcc79da
SHA512ec12914144cf11bbeba69db346fca8420d6fe75397708f15851897d6795d891b3cebeac5c494efa1848c07d337aaabe9751c577a94b136b032df80329671c804