Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
09-04-2024 10:58
General
-
Target
2024-04-09_b47c76c555b44f39f1047a93a66f4851_mafia.exe
-
Size
428KB
-
MD5
b47c76c555b44f39f1047a93a66f4851
-
SHA1
97773a4a8cac73ae43cdbf21940ebc9e7d6993e4
-
SHA256
edfbf9aea246d2a03c3c48e7db43923f7f1b88ad73baf4276942f6e9821fa5c7
-
SHA512
bd39b138df229f025fb50752a5264c4656b64c0fe9701037837ca340908f3a15362783aa6fd930c7b5244a35b1c2938079738323b2f0c3e5e2ca35d872aadfc4
-
SSDEEP
12288:Z594+AcL4tBekiuKzErMz4kMFD+CjCmuJI4a72l:BL4tBekiuVrZz1+Cj/GI4D
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-09_b47c76c555b44f39f1047a93a66f4851_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-09_b47c76c555b44f39f1047a93a66f4851_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\39D5.tmp"C:\Users\Admin\AppData\Local\Temp\39D5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-09_b47c76c555b44f39f1047a93a66f4851_mafia.exe AADB6492C7904F8F34DF871117C98D0234958C08FDC60FBC9AEEBB2CF723989E5FE396496C39D0C08F83364F13760E84D1B6024D2D16A97D40C84E978095B6902⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5ee03ffcb57326cd887e003349751dc13
SHA142f321ec9c4c35dc855c0837c45a1da6652c0223
SHA2569eebdaa2966374d71191dc93020d709fc88250b9193f53c60826f4eec0ddaf8f
SHA512c955fbcb300f44dd0216546cae51c0b2086df9820d2fc1d4e622774195a73b6a3c5504c52a38f3f97102235f25c6f6e353898d5cf4e96a0f9732bc3a7fc377f8