Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
04-04-2024 22:34
General
-
Target
2024-04-04_b5da472bdb0c804a43edb544695cabd2_mafia.exe
-
Size
428KB
-
MD5
b5da472bdb0c804a43edb544695cabd2
-
SHA1
045fb48715c6768371c15bb0e761b45592f720fb
-
SHA256
65ef5d40f5286f27654e89804e51e292efe8f9661fe7f4efe63e754b9f46c0a6
-
SHA512
544c91d6bec7b32761e8bc22649f903d748f70ccaa3303ac4d180af9d440b67844e522ac37b05d1a185e41b299b982266665e312fb872716cad1923f20321980
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr6CcyngVP8RtMygRf2oTJ9FQRmmiAkEl:BL4tBekiuVr6BJVxnRf7djE
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-04_b5da472bdb0c804a43edb544695cabd2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-04_b5da472bdb0c804a43edb544695cabd2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B85.tmp"C:\Users\Admin\AppData\Local\Temp\B85.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-04_b5da472bdb0c804a43edb544695cabd2_mafia.exe 25F01511D1C9A6728270BCEBF5B62AA2F9E2EAC75D619B7172EB8AA331A6294C839CF471310322D112335C25DF69ADD1B6032E8B1E8901620EBBDDBAA3F0D1DD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5bcb6fc24cb7b4547bff1cfe76d842453
SHA13a8142ad55aac18ce1fe7f94ad0815e33ae5503f
SHA256b02734043ad570ed5b9fd9b4da7fb72b9d8e1722cd1cc2f6f1c7b773ee544f51
SHA5129c3fc3537064098b53d72622683589b31be01d2adc69cc49137d6f6ba53133d4ad1bdec1d105991c55c2690028c2ff473e44f57c8ae3e664ec61f3aa9cdc2f54