Analysis
-
max time kernel
121s -
max time network
134s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
11/04/2024, 01:59
General
-
Target
2024-04-11_e3c83113875028bb2c8df155055529f2_mafia.exe
-
Size
486KB
-
MD5
e3c83113875028bb2c8df155055529f2
-
SHA1
d81a5c80d03c8e11cd6c89a229b004374b182a62
-
SHA256
5ec45048e85979289a4502d43ec7adb335fffe5ac0924b2272bc9201803bd0c2
-
SHA512
c50203541559ec8dffe779e8de570ce3fe4df0e522613a20c7a6006542eb12121a302993d26f4f86b1ccc1b47d56adb05694bd78b52e8b28a09c628984811daa
-
SSDEEP
12288:3O4rfItL8HPktyMouUQQnC894OYQR47rKxUYXhW:3O4rQtGPk47uJQnCurm3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-11_e3c83113875028bb2c8df155055529f2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-11_e3c83113875028bb2c8df155055529f2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\BB05.tmp"C:\Users\Admin\AppData\Local\Temp\BB05.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-11_e3c83113875028bb2c8df155055529f2_mafia.exe FA5E54FF61D8248637C15EE4D64135F3CF1CCD041796E6C43A2037399259879BCC824D4EAA7C691C0D7F1B232A3560D6B75B27FD46D23D4A30BB02D5ECFFC8622⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5f6c385c3c0f5d1cb40602eb65f533a22
SHA16c52b74591fd740b7dee2f145a82a3d565eec1e9
SHA2561ffe2f9664401ea0faaa5362106471b51468bdeca915b8b08509303d613160ef
SHA512ffa5be5963061036d15eb7074409fb5c76c6c02054bddee02c178e39cbff02b7806ee883d05b489b6c648defb5a4a864cca2b463e525725d85a022bde6d4fdf6