Analysis
-
max time kernel
117s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
19-04-2024 09:29
General
-
Target
2024-04-19_4fb57b3cea28252ec2b2e6fed43fb9a2_mafia.exe
-
Size
428KB
-
MD5
4fb57b3cea28252ec2b2e6fed43fb9a2
-
SHA1
d2b897e3be1438b640b344b93c7de5b4ea0471f9
-
SHA256
db4c1fbcc1c4888ec4e4d43ce1e04021a66684b611c50349f2200a920fcd2820
-
SHA512
515754c17f73440532dc62fc3069bda4f710d09f837f9ef2c00bdb2a86005a193d6913a32f794ce78411bb43a402e4efd85fe57af406a9a5dfd4dccbb55b314c
-
SSDEEP
12288:Z594+AcL4tBekiuKzErWSiXxGUNHp/alffqZnVSjgl:BL4tBekiuVrWSiXxGa/alfSdqg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-19_4fb57b3cea28252ec2b2e6fed43fb9a2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-19_4fb57b3cea28252ec2b2e6fed43fb9a2_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\55ED.tmp"C:\Users\Admin\AppData\Local\Temp\55ED.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-19_4fb57b3cea28252ec2b2e6fed43fb9a2_mafia.exe 52CDC6E1770253A70388D3436A9A927DF50CE2639C3AB0F2DF7E84245499E8ED64A19059197DA70962FF6FB01C3D2B8E8A8E567636014469DC4198AA342488B92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5fd0df31747ba9f7f41822a34076598d7
SHA1b203d48fdef14280b984ac4d2952801e1a97a193
SHA256c7d6a2edf7d3377293e487bbc561e55ca325e9c844a2990ff84b93fa98aa9e88
SHA512c5e88faa28a2efc2be03381efdf353a004ed5c1a7adedb766c0daae323a8fc5beeb14eb1d4d6263ca09d495b64830ffc4c01383a212fca39259d3effa689e940