Analysis
-
max time kernel
121s -
max time network
134s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
05/04/2024, 12:33
General
-
Target
2024-04-05_69ed90b57d9128862db8b6f4e8a81bf0_mafia.exe
-
Size
476KB
-
MD5
69ed90b57d9128862db8b6f4e8a81bf0
-
SHA1
6a83fccbf7c5a0f0f98b715f9d1abb38e4ff3ac2
-
SHA256
780633d7fc43a4901643e0c9eb0643501f66531994803c314f6e0435b00fe11f
-
SHA512
71aa719b4d50fbf2f5956a05c6e1884c4b827157dd63927feee223d20e006f78e90797f23d62b812f2c46c11370bd98300e90e09e6d337e2345022c6eff853da
-
SSDEEP
12288:aO4rfItL8HRjeN74xWhyDORbipOb7K9wlsDpVFd:aO4rQtGRCpmfDGlb+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_69ed90b57d9128862db8b6f4e8a81bf0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_69ed90b57d9128862db8b6f4e8a81bf0_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7790.tmp"C:\Users\Admin\AppData\Local\Temp\7790.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-05_69ed90b57d9128862db8b6f4e8a81bf0_mafia.exe EABD03FAF3944A9FF47C953495026962D47A31BAC49301476430A2436E194A19FE6417CF3FECEC9FDF90F266B04A16F45D65EC75AFEE41F577A083AC4B9479702⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5119465830e84cd9f4e0284ee8bb294d6
SHA17e63df1a35910f4f489eb55ddeffbfadf888502f
SHA25649746e287ebe7d980060b45b41f9576d2295c76fd48ea147e1d0d846b9fcaf15
SHA5122a722f0e6eeffbc2008cf4e320d6b73ecc10c3c1c6157077a87d4213afdbf1a731e1d6e19dba0880858106cdb5055b28aa73b614fe003f9d12b22a5b5e1cfc91