Analysis
-
max time kernel
122s -
max time network
136s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
09/01/2024, 06:40
General
-
Target
2024-01-08_4fbe50105d562768ed468b0b58520011_mafia.exe
-
Size
444KB
-
MD5
4fbe50105d562768ed468b0b58520011
-
SHA1
5482862b9d4f6dc00233eff48197478659812bff
-
SHA256
fc444c05415311792223f3559e414bb77ea77db276297247811bdb5c982a3a32
-
SHA512
e475189b66b9c567c0ec0f251f285a0164b2be6bbc6075fdfc823e32ccd5cb15016f09a9bc5d188b6db59f98bb311bfc9fc14da2271bf18b21b15b8fa784491d
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iSta23OeeUXxm8Ce++qKdYbiOTxOQwz+2Kynad:Nb4bZudi79LXdeeUXHqKj2xs+VyabQA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-08_4fbe50105d562768ed468b0b58520011_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-08_4fbe50105d562768ed468b0b58520011_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\BDD3.tmp"C:\Users\Admin\AppData\Local\Temp\BDD3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_4fbe50105d562768ed468b0b58520011_mafia.exe 2A363D3C91DB678E9E60D63A59F1F7D85048BD1B39E3B6A2D49A92F52B3AD994A47EA29B6133DACD80FB07FFDDC7CA257561F7E5F8D75CE6832EC81ED1FACB1F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5869578be9aa27abb1bf4bac56bcbcabb
SHA17125f1ea27ae63d7f0c18446a5ede8e9d2a20d4b
SHA25695fedce29bee212526a990411bbddd06795ee972ccad4a3afb1690c371471e82
SHA51202f1b55d78adf4b11077bc3fd7709b4a91ed9742062a94336fa89857e24b0df5a47b79cdffd8ba6eb20ad1b1d826799afb4fd93079c60bf9db04862920519f06