Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
15/04/2024, 15:06
General
-
Target
2024-04-15_d5150fea0118debee51ef0a5d93f7f8b_mafia.exe
-
Size
468KB
-
MD5
d5150fea0118debee51ef0a5d93f7f8b
-
SHA1
d375d14b4766e36bc40263ce39390e0079974a91
-
SHA256
1a09a4ea70280cf436c561f0821f7ba12e1cfc4444996df410599c8f1cb0c472
-
SHA512
24896b418125f54f23c7d4086f992b9125351f18b959521235510761829a07fdb6ecf8f06e62ce6808c2e9346bfa1f086a4c107e857a2c8a36d5f7a60622bcb1
-
SSDEEP
12288:qO4rfItL8HG4Tu/PfgDp7/m61A6u7bWmeEVGL:qO4rQtGGKuXYpzm61A6uumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-15_d5150fea0118debee51ef0a5d93f7f8b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-15_d5150fea0118debee51ef0a5d93f7f8b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\758D.tmp"C:\Users\Admin\AppData\Local\Temp\758D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-15_d5150fea0118debee51ef0a5d93f7f8b_mafia.exe 98E90273FD0F8A9C88B32FCE834962C8E7DDC0528E2B97FE84FCEBC93CC598E1F54EE4E7D30E2AC1C22A44BE681AF43783DB52DCC2355291A28DA32F7CCCED1C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD52a3b5ff5279284217ab787f599d8e752
SHA12ff0294933826304eb1af12e6d5d9e4d365244fb
SHA25677721feeeab340986d52be937cab841a8701081ecb0ca5f615a41be4373263f7
SHA512ca0003b176578fe953d871b712fc67cccb01a6b966e5fd02fc83a8f4db22d32421a686e82aa672f0659444f5b27ce7e1e06cf136e972b3e2501f95e6b081422e