Analysis
-
max time kernel
119s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18/01/2024, 23:34
General
-
Target
2024-01-18_f4ac2d18f2fcc6146753b889d13e2fe4_mafia.exe
-
Size
412KB
-
MD5
f4ac2d18f2fcc6146753b889d13e2fe4
-
SHA1
093fd102e17c2d4511ddb5787b820aa4b610d544
-
SHA256
caf1462e2fc4873cfccc453d786303d52c9f0b7f3b88c5eb9653ce1c4025f5e3
-
SHA512
813cc8a10bd600ccdc841739263937b98f04a4587fab77664b1d7a5bc19a9a89115938ad4fd5971ed811075c9c888e580e44725e99290cfd880bb371a7bcb0bb
-
SSDEEP
12288:U6PCrIc9kph5BSY5anq5wNjtLvLtOkQOU:U6QIcOh5wYx5wtZokQO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_f4ac2d18f2fcc6146753b889d13e2fe4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_f4ac2d18f2fcc6146753b889d13e2fe4_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\95F9.tmp"C:\Users\Admin\AppData\Local\Temp\95F9.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-18_f4ac2d18f2fcc6146753b889d13e2fe4_mafia.exe 46724228CF367B93F46765E608EBE707C52AF7D033CACE305FAC54FC532C823AD5A43B78EAE9AA6DA47837A78EC1B3F838807A33A8A8860BB2A172A99857CA662⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD57b5c4d61ce19bc791c587af5de7b3649
SHA15a98c8149b0e3c20d73289d1ce7cc3cabe061807
SHA256e22b51a5857e198606b47fdb23f6b74f73316c72f243d628a1ea8ee9dcb2bf82
SHA512a0d272204ec7f4f76ccbc5c58f4cf7843bc3648eddb5546a4a8408fe0e88683745cc37a5f1692b955870c8c6df55f228d59340b02318e226f9b365b2d416e2bf