Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
09-01-2024 06:45
General
-
Target
2024-01-08_9a403b1b9646f3e9413be276e8d629b3_mafia.exe
-
Size
414KB
-
MD5
9a403b1b9646f3e9413be276e8d629b3
-
SHA1
34957d1d1969a867ea3cfc0fdb11fb6acc4e8d60
-
SHA256
4531b59288b45caf9ff04be56ac0afa44ddf0f17af1a8473b0d0e7dc569e3e2d
-
SHA512
0e1e08905c1abc17c0a226b0c91c4ae7212918015d1b4e381cf856547b843e481960fb227f82967014d19ae1484417cd7743413303c1e2e8d2f8d45d05a4d271
-
SSDEEP
12288:Wq4w/ekieZgU6DZXflJTKybbCyljkjBUl:Wq4w/ekieH6VBlj2BU
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-08_9a403b1b9646f3e9413be276e8d629b3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-08_9a403b1b9646f3e9413be276e8d629b3_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8E99.tmp"C:\Users\Admin\AppData\Local\Temp\8E99.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_9a403b1b9646f3e9413be276e8d629b3_mafia.exe 1A94F0159D2965380D5F0BA9B391CA4944A058674DBAB15A130A68A6E6CA4F72666D8A8BD069949A205EF5909F864EB259AEDEE656E5635083ACC7279D26DB5C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5a54eac464be65a35b307c44941f85e12
SHA131d26ed3b98e42b39e493b75c0cf91acbbd5ece1
SHA256e419ad61b64baef7fc7bcef73053b0c2d2cd300c488de175e08068f495785a32
SHA51253515af3f8f869ff85f10f7142c11cc6569770523d0450beceba98be5ccea88b1ce462b6aac10251198aa1437f81f9f18c2d5b59bbfde82037022551aabf47e3