Analysis
-
max time kernel
119s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21-04-2024 21:42
General
-
Target
2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe
-
Size
414KB
-
MD5
9dc52e29aca4ab25f2152a905f28dd03
-
SHA1
65fb3628c6a3f3475d471e78c4e096315ad14bfe
-
SHA256
6c902b3712bbf66edecb27651f8924a5c64d3b10aa79808f68e7cbd215733ce7
-
SHA512
592fb6dc0c81ce345f0fdaef85b1293450b083bf960f543c3f40f0df1a5e34ec3b9cf3d4de8817356a630c805283beb3690799cb190d6a59c050ba140c4b8eb0
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BY0JEe3vcVt2bgupIZWWVr110saTJol:Wq4w/ekieZgU6xEe3kqyhXKml
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8F73.tmp"C:\Users\Admin\AppData\Local\Temp\8F73.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe E1B47FEC5D0F53436190F7F701003B95B82B97AFF2DD72A4C481530D102233A83F0FAE433197840D8DD9DC4A053AD40B85A00B7BBEBCFC6423769C5F2C60B1842⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD59e2004f5d824b49b603778650b1f5edc
SHA1a382af3aca2fafe3d48b1cfc18fd5700eeba30e9
SHA256b1e377dbb43168bbd314a4161ad408ffb4bbdd69b6aedffaad34687a1b8dff13
SHA51200b399ef0aa03aaba4b6b97b3a57d4efecff59da50cec5430a06a0977536329949c8fb0c4ce27d2748b051407958c65ebc468fa5241ebf47433883611c35715c