Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
29-03-2024 03:55
General
-
Target
2024-03-29_ff22680e9dfc335dbbf73a4f962ae3a8_mafia.exe
-
Size
428KB
-
MD5
ff22680e9dfc335dbbf73a4f962ae3a8
-
SHA1
1a58ab12b2e0f6c662316418e41bdc9bfdc246ca
-
SHA256
c4f465f9acffa8852b18ca1f3036732b0a5fad8f347abec329c224a01289b524
-
SHA512
4b6068b3f7ccc8184b384a4af2369b22d7e773de92bc91640812e28618962122e0154fa388872257855132a0a065f910ec7b5cc5cafa3f0e1d35e5103c5d60a5
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr9Fmp4B/DHGzXf6zjvN8yYcDOiz5l:BL4tBekiuVrr/DHSyfmQb9
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-29_ff22680e9dfc335dbbf73a4f962ae3a8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-29_ff22680e9dfc335dbbf73a4f962ae3a8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C31.tmp"C:\Users\Admin\AppData\Local\Temp\C31.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-29_ff22680e9dfc335dbbf73a4f962ae3a8_mafia.exe 49891A8859020C96406E04EDC66AE0D747817167A39982CCBADF244026E07047EA3BC377EBEECE24D3F25B547ED6F80E68A189823333DE79D20E407FC65FF5E52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD597871acfb1c1af4b08dc77d39b93f838
SHA1bbeaa428f85aff635f3f1b81f0c7104b20974748
SHA2565248eeb6842d3575ad93b0beb6ec4555fba167c2c457e740c9de6780eff7297d
SHA51226dd63bdac1463fc927cced6e82fb67e4e2c0c0000b6d9bf51743c185ba91ac422d1a0563cd4f5bc0ed1af53448a14d739d347f722df9518a547355b1249daf1