Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
07/01/2024, 12:08
General
-
Target
2024-01-06_45e2fec89b16b9e83660bd2a2872b3e6_mafia.exe
-
Size
411KB
-
MD5
45e2fec89b16b9e83660bd2a2872b3e6
-
SHA1
7dac7cc8042a7e9d629f961251d867613eae9444
-
SHA256
40e094e14ed0e4bb8091d2347bec7dbc1f9789ba25789d7dc78dc27e7787ace3
-
SHA512
3f3a90aa9385ce2f006e357e5f639769e4223aee7ba2bb8ef2f2e5f0a1f569f31480381ea5fabbadeb6b8d212c3b505f624eab7b4b714c0615d94e7e37efbf15
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFM/F645B+J+JPxoToUOZ7RKeiRCvhqHI:gZLolhNVyELvy8P+MUOvKeiRkhqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-06_45e2fec89b16b9e83660bd2a2872b3e6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-06_45e2fec89b16b9e83660bd2a2872b3e6_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8F54.tmp"C:\Users\Admin\AppData\Local\Temp\8F54.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-06_45e2fec89b16b9e83660bd2a2872b3e6_mafia.exe 3EC8F39791C6BBF3B4BF808B682D4B4E792F705725BC1552E52A2B1A5E5F9C5BC03199EAFB45A2B68C359C12F0CF15D495F9DFF0DE2D1258F8813DF1C5F3337A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD56cdc9b4ad1101c9f301db7989ba9a2da
SHA19a75f1309bcf3f9a729cc9316101a49368e199ad
SHA2563c89306aeef962a8877253597562a71306ce9d077349ab2161ef29cc1e26df88
SHA51216bccb64dd268fd4bc5ba881449ba089c82b05b3471be1bcb4b399d64971179bdddfea6b1233a033517c10abfe2d221fbc9ce323d5faa7796906b8894d2a94d7