Analysis
-
max time kernel
120s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
06-04-2024 02:48
General
-
Target
2024-04-06_9c90b57b3bc3af4b8a2666302461de57_mafia.exe
-
Size
443KB
-
MD5
9c90b57b3bc3af4b8a2666302461de57
-
SHA1
121b8f65f795a5153dd471d23909bc98a9619940
-
SHA256
e7dfa452ed1ef7b6d9affa57578fbb29e3a79479e553da514b4b1ab40448f95b
-
SHA512
5899a916eab2a5dd60618233f612722a23277eaa779da95dbbff0e48c31b01fb5b8c206b9b5b6341da55cc79fae8bd8bb7d79c57cb15369d455a1468a8c037f2
-
SSDEEP
12288:Wq4w/ekieZgU6tKxT0elfydIu/9uz+SclMa:Wq4w/ekieH6QxIelf0IC9u4P
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-06_9c90b57b3bc3af4b8a2666302461de57_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-06_9c90b57b3bc3af4b8a2666302461de57_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\60F4.tmp"C:\Users\Admin\AppData\Local\Temp\60F4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-06_9c90b57b3bc3af4b8a2666302461de57_mafia.exe 142DC8D968F91BAF00A933A2FFE294C07420482D01D49A7D7C950C873A12BEB7A5759FF2C1E995C5D19F8C86E3DFB69ECDE909C62FCD3A1ADF58F80CC1937AC72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD52993ef8210aabe580a74d6a3cbd6408a
SHA1f424aca25e7af1e08d12b7915619ed3d4196dabf
SHA256d65419a564e87151135aef4a7164bbe02eacacfc24db2da88f80aa726706e757
SHA512778effecf03aaa4251adbf345dec612d5151457accd3e4ec52150a2e6546b9b2f4367a01c38f9f3caebc891a8eef581dcda1c952dd14695e0306aec36f844dab