Analysis
-
max time kernel
121s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
20-04-2024 00:46
General
-
Target
2024-04-20_52845de3b3a50bfc8cffe222bd63088b_mafia.exe
-
Size
414KB
-
MD5
52845de3b3a50bfc8cffe222bd63088b
-
SHA1
da2378beb9b72f8199b1ff75d8702d85b702417d
-
SHA256
2a9906215fa767cb1c1fd1fe87ba70e063e039b59b06cc7542bb0ff5a8260988
-
SHA512
1d5c46f263d2c679bc1646385dfcdb6bb2a7b2bf3c6be8aab81ae9d921b38bce4d62c11b2a6048779a41170a4080d4ff6e0e69fe0e7b253a40cf6a4f9fe8e688
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BY5E1yd77I/T/jEvpJ8ZDpdS0W6BXCdiqqTl:Wq4w/ekieZgU607u/gutpdSZGsYTl
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-20_52845de3b3a50bfc8cffe222bd63088b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-20_52845de3b3a50bfc8cffe222bd63088b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B66.tmp"C:\Users\Admin\AppData\Local\Temp\B66.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-20_52845de3b3a50bfc8cffe222bd63088b_mafia.exe 3C78EA30B6989C1E6FDC6664E19360C199EC67F736BEBB146C68277E35DB0677FE9119DB636258AEDF77BA7213BF67F9B70A94F6A172EE947713C20EFB24E0122⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD513e8c997e254929d54f3250801f71175
SHA1ca129bdb2dd213701721f43c213a84b8800d38b4
SHA2562f81ff3034e1c9c3d81af6f08608dc2f89a45cd3a340928a64cda2bf87d9ae9c
SHA512c269fcb81bf75c9336530d1a87295d38b40cd39b4ae4a469ed0734e7cfb50c9426e3e46a3988d79bc73c907f0ae3eae7d1d67929e6c973466b6095161eb0dfe9