Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
18-01-2024 23:37
General
-
Target
2024-01-18_feaf2a6d1791e928a3e48429b30eff2a_mafia.exe
-
Size
433KB
-
MD5
feaf2a6d1791e928a3e48429b30eff2a
-
SHA1
46350b5c16d778402ae0499ff5f1e9006619a1bd
-
SHA256
56b4edb0f990044c0923253b717722d6325f5ec7dd99a0c47c1906d52b8ac3af
-
SHA512
782519921a425b99a0ed9238929be49fdf11a8fdcfb5ffcfbbb9fac407a985c876342579c90201017a8af33b3dcad9a3f5702a5c24e40be3c2c47e3a14370886
-
SSDEEP
12288:Ci4g+yU+0pAiv+iOnHcrmkfbOV9edtwI/9fOAP2n:Ci4gXn0pD+ikWbOV9edT/9fNW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_feaf2a6d1791e928a3e48429b30eff2a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_feaf2a6d1791e928a3e48429b30eff2a_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E91.tmp"C:\Users\Admin\AppData\Local\Temp\E91.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_feaf2a6d1791e928a3e48429b30eff2a_mafia.exe B29BC22254D7C6971FE8D83077D18F31873F4D9C183BE64E46226A2E96834793C1FD43E9BB5B3670935D5CD20089697C05DE088AE298F1C39165570BC38478742⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD50f2d0e3743d0c12560f79c09bf0ca525
SHA12600820bb401f3f085c6b07957b9681c9b28caac
SHA256e56eb29be0ea4174380c609d31fd9a443e16daca1d8e8e8d1a19d2846438e6dd
SHA5124a97d354b571cf9f75981a6a2aa19334c714fa6a02379d62e5c58d7ffe0279d699a5aed1b9e6417fa7cc06c5e7eaea38b41265d44666fa78597f5e6d0464181a