Analysis
-
max time kernel
122s -
max time network
141s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18/01/2024, 22:40
General
-
Target
2024-01-18_3e057bbedbff546405d0889e8b0d8a26_mafia.exe
-
Size
444KB
-
MD5
3e057bbedbff546405d0889e8b0d8a26
-
SHA1
b8fa30439924d5010bea006d1dfb3e4e30d98481
-
SHA256
82e9bf44c67f2ff76ce73509d8d8616c1589d47d42c197add4b5be2b806df05f
-
SHA512
5db0d35813421b8f5c915637432ae65d156c4e8a296a81032a00fac745c41dcea17ae14a07ef502a96e072c4c57caa02d647e0b676edc1cad082be6ac4b22117
-
SSDEEP
12288:Nb4bZudi79L7l30uegsVXu6d8aLrSjFR8A:Nb4bcdkL7BPXsVXuvjF
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_3e057bbedbff546405d0889e8b0d8a26_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_3e057bbedbff546405d0889e8b0d8a26_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E34D.tmp"C:\Users\Admin\AppData\Local\Temp\E34D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_3e057bbedbff546405d0889e8b0d8a26_mafia.exe 415D8A98E90C5A550B19D941FFCC7AE28592602F65B38867117C2B3C8F096A48E3CF951D1129859559D47CA0631AF05DE85CB60B012B57C40166E334AB6712A82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5ce5283366450eff745cab5d96db114a5
SHA1ec68fccb19973234a1132ca0755f05be93910d8f
SHA25664cce4313923aa4b8cf2b9336a366e1d032380202fe993852a51312fa53b864b
SHA51242969343e039a0a42990aea367cf4d0350e7c3bade64cd2a3bf8a14a545a55a94cb5619bfc909b290b0b03ad0fb3f343f6dce03abf8bd8228f3d447ab1a2e312