Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
09-01-2024 06:49
General
-
Target
2024-01-08_ddb710370646b7e6cf35fcc5e009db9a_mafia.exe
-
Size
414KB
-
MD5
ddb710370646b7e6cf35fcc5e009db9a
-
SHA1
7d3b9eac1c311d72bceb7faa302cb790b5b2cc1d
-
SHA256
07aa582d60f311429fcf253f0186597c2be347ffe6f8cfc8d4d9b0ff8127c8bb
-
SHA512
1f69546cd3c9f76b988d695e29c44b5ba1000a8e8eae33349fa2006c5516a93b84b5edbbe815937b1815849194872a8795553278d9a774439b1b01713c64d8c1
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYRG2YT04dGAxlkS7USlfkMPzq5Rt7kWHRkto8lx:Wq4w/ekieZgU612i0UhbkM7q5R1ktjlx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\6F3.tmp"C:\Users\Admin\AppData\Local\Temp\6F3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_ddb710370646b7e6cf35fcc5e009db9a_mafia.exe 30E4EB93E382942D2D136C3CCFF780380DD9DAE77624AE452F2EB306CD8E1BD5292B0A3DCF2CD7C575C20622AD67A958F6AFFA3C162829545448F43CDDD464A81⤵
- Deletes itself
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\2024-01-08_ddb710370646b7e6cf35fcc5e009db9a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-08_ddb710370646b7e6cf35fcc5e009db9a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
92KB
MD5e834545be73254c8db0fd3787c810427
SHA13a4862db7caf1d3fb85eed534b99584b906165ba
SHA256ee52e1896adf73f739a0dfc4b940dc5e765a3da236ba28e6c29cc6252379bf85
SHA512f7b1a2f8c322b0224d8b9fedb69352569942165f503b42cd40d697347b1aed4f6a8d6da92fcf19f360cc5ebcd34f4346a8e567b64bf66de0e507a8903ffbb2ec