Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18-01-2024 22:31
General
-
Target
2024-01-18_2122081a06934db362494c6a4e052382_mafia.exe
-
Size
444KB
-
MD5
2122081a06934db362494c6a4e052382
-
SHA1
20e9334500462cb6df03c4a0335cde981565e61e
-
SHA256
0f807dc65b02082780f5d969f70aeb7b157bc56b3622592861277cdb01ded35c
-
SHA512
34f7d00bc7c512d9de1eaab0637d3f8b922d872276bda6db9e6cd74d7a0042b9f0fb078d31600cd59fa8e28987e8ab46a10170940f4f19fb6b8da34893082526
-
SSDEEP
12288:Nb4bZudi79LW7yeSNqETqrYrAvl8pBsg7ke5AA:Nb4bcdkLW21N3erhkbd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_2122081a06934db362494c6a4e052382_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_2122081a06934db362494c6a4e052382_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1017.tmp"C:\Users\Admin\AppData\Local\Temp\1017.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_2122081a06934db362494c6a4e052382_mafia.exe 6197D9FBAC981060B457687559ABFEE54120AEE4E3B038AD6EA60ACCA87EA92121F00915B104D049904EE14A7B83056226B94C4369300991C8CE82907C4164C82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5c3b4708452cd2204f0c27805ddc7b290
SHA16f26609dbb28569c496b6829d7636887070829c9
SHA25656d165e83689bc6902720aca68c5b2b33c13f23e9bd5ba37661f9afe68cd7be6
SHA5129c86aaf85a3d3f58108a9be9f5d75b90d0dfda4af4959cb5b69958b5af19a5c3452cc4c680fbbc2dfe76d8734359edb7fa0034640181a74b0692be2f90c4ce9f