Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
09/04/2024, 15:54
General
-
Target
2024-04-08_26a16e99da5150f7f917aa803a167288_mafia.exe
-
Size
476KB
-
MD5
26a16e99da5150f7f917aa803a167288
-
SHA1
8a6d8592c07cf88963440e5373238f2ee5bb0bd9
-
SHA256
b7d5be44ae83f31ff577bd81c0aac1185cc6b8a500cc8c680a742825d2314a9a
-
SHA512
4880b3225ddb6362596db09c2dac5f4d52382e99f52ca6e40492fb1b06c6d0229c3cfd6e17e715c4a046601c3c496e15f20a9498ec907d210e59b04463aae009
-
SSDEEP
12288:aO4rfItL8HR2X+crDEapSX9Xd5S5jvVt5ptnSX7K9wlsDpVFd:aO4rQtGR2X+c8apSwvNpUX+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-08_26a16e99da5150f7f917aa803a167288_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-08_26a16e99da5150f7f917aa803a167288_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4BDF.tmp"C:\Users\Admin\AppData\Local\Temp\4BDF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-08_26a16e99da5150f7f917aa803a167288_mafia.exe 9B837D894B2C5F5C689B49DA4E22B20C9640B90A6BAC08F11F051FC0CC60EE3CDC846F797E8AFDBC754C201E2E2130C30E1B4766965DA3C532EE156E11FFCF0C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5267e96399a697d22d4f2b876fbd0470b
SHA195e3f51f7a4b80c77a72007efaad9ce8c4bdaf04
SHA25664b887e51410006d67819c959e9185bda04542d9336e1ef213d919220e4c7653
SHA5126f54ba3182650d5b4455d09a027201f40a1eb3d167b9dc6ec36ddaae26f6071cc0aa93d06338d7a3f7d2a82a2dffdda50b9c1baa6d0fe27aac1106ce73cdb1cf