Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
12-01-2024 06:00
General
-
Target
2024-01-11_6ef37bab41978cace9bae1b466b22cdd_mafia.exe
-
Size
468KB
-
MD5
6ef37bab41978cace9bae1b466b22cdd
-
SHA1
b83b634b83e8ce28041c47bb76f25933fd9e6dbf
-
SHA256
65da541453cb8f340d4bd3bb120047dc497810c1c891c613e769bfcd0796fd71
-
SHA512
2560bd5fa697e098b0ca255459177958cbeb0913e5fcf352d52f89df8c96abef5ebd44e53d99f4f373897010551d080d02e608e839214277c4e9e5bdcc09ef97
-
SSDEEP
12288:qO4rfItL8HGF27JPRiGWTajqL6KC0ZJOc7bWmeEVGL:qO4rQtGG6RiSjq2KC8JzumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3E7.tmp"C:\Users\Admin\AppData\Local\Temp\3E7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_6ef37bab41978cace9bae1b466b22cdd_mafia.exe 080533F82D36165B3B7FF8EC4ECD5C4586814D459FAA6934C97423F83B8822A0419903C046071E78ECFF9E09250F99417A772DE8050B02BF5F209BB25BC5A49C1⤵
- Deletes itself
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_6ef37bab41978cace9bae1b466b22cdd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_6ef37bab41978cace9bae1b466b22cdd_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD52e5a1a4f0168707bb3462980ae44d9a2
SHA1f52e3b8c1637281af8b90799acdfe8f21f521774
SHA2568c440daa4ca35551009d5c036e8f36582caac23ddf7be4d2c5fcdf83b50b6635
SHA5122b8ecac823c955a06fb5e68080d547744fb346c75ba24b9b01d930249cb04f4f85e307f4b0049906f5553a8defa9201d95b59d38559b9d30a6c1bf59ae8e28ce