Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12/01/2024, 05:58
General
-
Target
2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe
-
Size
412KB
-
MD5
4d29c765e9431577d99e02e4192acbe6
-
SHA1
8e086d0a4872f9441630c2b112170f23bb992fcf
-
SHA256
96b77bd1ba5e0340133289c5c38fbf4533984e9b9703b4f0254205471363a4d5
-
SHA512
8191b4d7665a019e83439d7ec1b89f9241d0d72aa0616002873663cd2c14300760241ab1c595bba252ecbb192931582d31b4d5729d2fffec66360cd8ec8e2693
-
SSDEEP
12288:U6PCrIc9kph5hqXDcoRXTRGTEm3Ugiij:U6QIcOh52DcqwTlE
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5F4F.tmp"C:\Users\Admin\AppData\Local\Temp\5F4F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe 765008BA14637626D1E293109CD615C61A9B8C9406E0F0BD6853388910E54AC27275A05B6A0F9B25EFE1138DE12BAA7752F4299927B848FD92DB2AFBA2E66D5B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD552eff1168a2ab7e41fd1af904db76908
SHA1ea61559339959f067a8a71702e005de86d06a5f4
SHA25661563bb6360bdc51d5a6c98e53ca51e7f58362732077e12b446f114434bfb166
SHA512a83b429c190ff3470815848da17ec4812e95d64192dad6b3edf31c2474fd516e9a99f65633164f7ee4cfa49674b35daae1fd56afc587cb9cdd6fa7a4a3e18a0d