Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240319-en -
resource tags
-
submitted
16/04/2024, 04:53
General
-
Target
2024-04-16_80eb5ce80739765343937f23dcd68dcc_mafia.exe
-
Size
479KB
-
MD5
80eb5ce80739765343937f23dcd68dcc
-
SHA1
899ffd337022271699eafc03e4e9b2abba929abd
-
SHA256
31b2cbad2f475e41d4675849989361628ea919e85749eabe68ab05803b001245
-
SHA512
d2e0c0c9bf5e82658806ed38c5de43a7352815d84928cf1bdf8eb470b8dec2138a64a63a21ff0ac1d291230db8746095b7678f15aa18592ab6bab1e6f3a8fc80
-
SSDEEP
6144:b9EyS4oMxIkjxcWqHtg88HARR8Bl5/3bXrv/M8s18GNfj9pBZBMDB9KOY437aeSn:bO4rfItL8HA0tX/MBTNfDkBxseS75UO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-16_80eb5ce80739765343937f23dcd68dcc_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-16_80eb5ce80739765343937f23dcd68dcc_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2BE1.tmp"C:\Users\Admin\AppData\Local\Temp\2BE1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-16_80eb5ce80739765343937f23dcd68dcc_mafia.exe EFC0E586C93CFFE7A35194095FBADA59E20A5A8634F6AE016C1CB9D1839379A803D4F25EE3F1706ADB0D7D79E126F4D38BCC28E97954F4607D4F876870FB73FB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5baf9f6c1825b868f0b1db505723c0582
SHA1358bcd9e9be0dcd4f7c3e4b2c4b0e8774076ffdc
SHA256014131eaea3a33ce5a5ce80ec7ca92b2b412281ba1187bdc31af28ef7c33e4d8
SHA51243e4bc2cde34f7fd0037f731a7243f69d954849be3add6aa239255bd6f00f1c17c0a4d520b9db4becf5af63b5e6d98d8990bcae1db1fcbad8ce424834838ef0d