Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22/04/2024, 20:28
General
-
Target
2024-04-22_23c858038b70d59acb7c71ef7e80cd92_mafia.exe
-
Size
433KB
-
MD5
23c858038b70d59acb7c71ef7e80cd92
-
SHA1
e155b99bba8a0efa77db03a29870bc47bcaca627
-
SHA256
e4f8ffe3d74f1935352baf9662e4af9d52bb288029108a1cbc76cc4412072364
-
SHA512
991dd224d7252c67513a7ee7d8049c75952bfb9decb9b8494e828bfe7fd95730cca138c27220c8e4d9d4dd2eed86d94d69d23cad530f0edd647b1f62c262a554
-
SSDEEP
12288:Ci4g+yU+0pAiv+wIs//avYXw1SP5YfPXYzW7Ngn:Ci4gXn0pD+wNqcUSPGYzcW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-22_23c858038b70d59acb7c71ef7e80cd92_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-22_23c858038b70d59acb7c71ef7e80cd92_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\AE49.tmp"C:\Users\Admin\AppData\Local\Temp\AE49.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-22_23c858038b70d59acb7c71ef7e80cd92_mafia.exe 565E56DC90C7500FA44C1ED9CCD5A8D3B78B57A33EEAF9C0836927DABA05F40325EC5681F011371D3A453C8BB64D8A28742C723A6F7E223678AEE3968C8CB9572⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD54801f4969d70c877423dd2749398b2b1
SHA11fccf0a3e6e8b1e4c95396ffc0ec2b993ac876ce
SHA2564b006219b8fd0aa0dbd88a361e49264f01311a3370c7b1e064e269cc79dfec2c
SHA512e48f816ff402415137680321df70c62df7f042e829a977b35e4f4c23a2ae1939fd16068034ae65d5ae58306d00ec1e11e1a788b793be07afaafcc7b2ab51b7d9