Analysis
-
max time kernel
118s -
max time network
134s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
05/01/2024, 05:41
General
-
Target
2024-01-01_3ee5a0eed5cbdac9e46252f277192f39_mafia.exe
-
Size
468KB
-
MD5
3ee5a0eed5cbdac9e46252f277192f39
-
SHA1
fc7b95758c5bc421bd204114e7dedd5a402d8b78
-
SHA256
174ab97834ffbd19822f96931acd5e44aaca34a912804027a406560bbdcb89b8
-
SHA512
344103553e1d353156c97d37f0cdc5653f19513b46938a05b0fbf49c227a0651f66037ad2007ae215c7ca1b9b000c8ee00bbb47114f41e53200385197e721637
-
SSDEEP
12288:qO4rfItL8HGbg6EOCjS355z8+8S6re7bWmeEVGL:qO4rQtGG06EOvQDyumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-01_3ee5a0eed5cbdac9e46252f277192f39_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-01_3ee5a0eed5cbdac9e46252f277192f39_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\79D1.tmp"C:\Users\Admin\AppData\Local\Temp\79D1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-01_3ee5a0eed5cbdac9e46252f277192f39_mafia.exe 81BE69F9BE6A777E4971C5C184CB4309B4464D8EE948CF121F92037FCA44E0E12BBC6231AA03C14FB5E68403DE3AFFEB3424E81CE2A2D7D65DFB86FD9FCA7D932⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD54b4fa86ff28edac2d86a11bf8d25aa73
SHA162143b6e3e44f2a128c361cbc5292a79954a67c5
SHA256a9c24da3cbd92416c39b91b526df50034e934ae0fdb3b58ab318724c9f7b5d2d
SHA51291898d524c6cb302b2f80611bffc9c6baf472ef2b70ca20c281c4846e08a6dc53780799018243a623880ef0d50dc56587220f7081b0e0e72312cb85c3b7e8f15