Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21/04/2024, 19:37
General
-
Target
2024-04-21_873694d8fafdfde33158cb5728987776_mafia.exe
-
Size
476KB
-
MD5
873694d8fafdfde33158cb5728987776
-
SHA1
776ad489907e0ac19afad6199d1e9a810604a4d9
-
SHA256
27348ee14f2f7ab49598bf601e5b8c68155eaff05cfc6396358c4b1adbe91228
-
SHA512
a44e61f9fe66707aa9a9fac4bd683897b4eb43daddcf62e15385b5984c1f602a7c7a694adcb33dbd281444354a63983f874326390c0dca97b24887c832c78afc
-
SSDEEP
12288:aO4rfItL8HRL7bJts8yFgsCLYoWDPwWEBlHI7K9wlsDpVFd:aO4rQtGRL7bLQ5eWEBRI+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_873694d8fafdfde33158cb5728987776_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_873694d8fafdfde33158cb5728987776_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\310F.tmp"C:\Users\Admin\AppData\Local\Temp\310F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-21_873694d8fafdfde33158cb5728987776_mafia.exe 131B3BEAD402805B74A0BB802788061C5279DDCDD01B91498FF2EEFF1B3982C3F8C705531874403F569F2005B031EBA6C8111EF0DBCA702C2F47D34C0BE95FB82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD521502bcef0cfc0bf19a2f61d33d7e179
SHA183dea37e5227fefb697c0df2fab66b08e5ec89e8
SHA2569ff4b7f5a05b40e12740aeccb054d145c3c445d42b42db4dcb97774a3ec52041
SHA5123f278adf6ee1dbc7116e5d6a2a179639605dd4a99226bafe4588bee6ea22fed57418e5a946b5bf2dbaa7a5252543f35747fdd50d75cd7ff89d0eac167283877e