Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
09/01/2024, 06:40
General
-
Target
2024-01-08_4adeffebbfbcead0bfc8ec976dad776b_mafia.exe
-
Size
444KB
-
MD5
4adeffebbfbcead0bfc8ec976dad776b
-
SHA1
31e08f95d5e7b3d887707a4cb2d85a01393d521d
-
SHA256
05a0cc26067d74433181fabac2a453337bd33a277a03b444887ae1b5f52525c1
-
SHA512
53cb1db9318d65f801414efeb4cefb1ca26e6a3e6d113bd7ec053be934a16d8a672952ca28ca0cde25d54ce576c397aaf70feea9223d75a064cd40af38e1e6b0
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStQ/ZhbnpnPh/tnIu6a0xnZqr9Fpu72rzvePp:Nb4bZudi79LPJpPTnIu5cnZqxFp8CPA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-08_4adeffebbfbcead0bfc8ec976dad776b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-08_4adeffebbfbcead0bfc8ec976dad776b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1536.tmp"C:\Users\Admin\AppData\Local\Temp\1536.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_4adeffebbfbcead0bfc8ec976dad776b_mafia.exe 9419A72FAA036F4749634DDC3FA4BE8B1C50FCB17C7604285E5BEC7B8CD605B92BF408B21F0CE3BDC4B403D2DAF09E4C711A106C0612260CEB299DA41801703F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD57c164961074b0dda13b2a2ba4c649876
SHA1fec0a27cf4aa3a29ea07e7215390d38f35e928d3
SHA25685603b449897c9c2cd2fc7b4510ab31db40077c051f8a4a908a01ad7d741a5d6
SHA512864bbd4f4a5464fc5e2512b45fbb73e8bb9137848bfd6be556f4549b3e248c35b49dab464c3bf5e161aa1df53a21b9b0a1c8adfe3a10844ba774e4163c3f3dee